1. Patent Search
  2. Details

METHOD FOR THE AUTOMATED PAYMENT OF AN INTERNET-BASED PURCHASE

20170344966 · 2017-11-30

    Inventors

    Cpc classification

    International classification

    Abstract

    The present invention relates to a method and a system for the automated execution and billing of an internet-based online purchase of a user. According to the invention this provides for sensitive data such as e.g. payment information, to be stored in encrypted form in a local memory of a user terminal, with permanent storage of this data in an external server system for processing the purchase transaction being avoided.

    Claims

    1. A method for processing an internet-based purchase transaction of a user at a vendor, comprising the following steps: accessing a website comprising a product link of the product to be acquired by means of a browser on a user terminal by the user; selecting the product corresponding to the product link by the user by means of an interaction trigger independent of the vendor on the user terminal on the website mapping the product link; transmitting the product link to a web application server of a server system together with a username; initiating a checkout process on the part of the user by means of a checkout trigger; transmitting the product link as well as optionally further user data stored on the web application server to a transactions server independent of the web application server together with the username; transmitting the product link and the further user data from the transaction server to a browser simulation server independent from the transaction server together with the username; accessing a web shop by opening the product link in a web browser executed on a browser simulation server; executing a purchase operation with regard to the product in the web shop on the basis of execution data stored in the browser simulation server up to the point of payment options; query by the transaction server to the browser simulation server regarding the possibility of a certain payment option; replying to the query by the transaction server regarding a certain payment option by the browser simulation server with yes or no; if the browser simulation server replies to the query of the transaction server regarding a certain payment option with yes, the following steps are executed: in case data is missing regarding a certain payment option by the browser simulation server, the missing data is queried via the transaction server and the web application server from the user, and the non-encrypted or decrypted payment information is transmitted via the web application server to the transaction server for encryption using a generated encryption key, the encrypted payment information being supplied via the web application server to the local memory. retrieving the encrypted payment information from the local memory via the browser by the web application server and transmission via the transaction server; decrypting the encrypted payment information using the decryption key and forwarding the decrypted payment information to the browser simulation server; if the browser simulation server replies to the query of the transaction server regarding a certain payment option with no, an alternative certain payment option is requested by the transaction server from the browser simulation server; triggering a payment routine regarding a certain payment option in the web shop by the browser simulation server; transmitting the decrypted payment information from the browser simulation server to a payment provider corresponding to the certain payment option; query from the transaction server to the browser simulation server regarding completion of the purchase transaction; confirming completion of the purchase transaction by the browser simulation server to the transaction server with yes or no; if the reply to the query of the transaction server to the browser simulation server regarding completion of the purchase transaction is yes, a success message is transmitted to the web application server together with the username; upon receipt of a success message by the transaction server a success message is sent by the web application server to the user terminal.

    2. The method according to claim 1, wherein the username comprises an unequivocal user-ID generated by a server of the server system, which upon request of the user terminal is transmitted from the web application server to the user terminal.

    3. The method according to claim 1, the method comprising, ahead of the step “ . . . transmission of payment information stored encrypted on the user terminal to the web application server . . . ”, a registration step, in which the user registers with the server system at least by submitting his email address or telephone number as well as optionally further user data by means of entering these on the user terminal, and the user is assigned a username and/or a user-ID, wherein the username and/or a user-ID is stored both within the server system and within the user terminal in a local memory.

    4. The method according to claim 1, wherein the registration step comprises the automatic creation of an email address assigned to the user, the username and/or the user-ID on a mail server of the server system.

    5. The method according to claim 1, wherein during the course of the checkout of the user at the server system payment information is queried, which is encrypted by means of an encryption key on the transaction server and is returned in encrypted form via the web application server to the user terminal and is stored in encrypted form on the user terminal in a local memory, wherein the encryption key which is suitable for decrypting the payment information stored on the user terminal is preferably stored on the transaction server.

    6. The method according to claim 1, wherein prior to accessing a website having a product link to the product to be acquired by means of a browser on a user terminal by the user, a communication handler is installed on the user terminal, via which the communication between the user terminal and the server system takes place additionally or completely.

    7. The method according to claim 6, wherein the communication handler is a browser extension, a desktop extension, an app or a snippet integrated with the website mapping the product link.

    8. The method according to claim 1, wherein the method, in the case that during execution of a purchase transaction regarding a product in the web shop on the basis of execution data filed in the browser simulation server a double-opt-in is provided on the vendor's side by means of a confirmation mail, comprises the following additional steps: indication of the email address automatically generated and stored within the server system, and assigned to the user, the username or the user-ID; reading the double-opt-in confirmation email received at the generated email address to the mail server of the server system; automatic execution of an interaction trigger contained in the double-opt-in confirmation email by the server system, preferably the mail server and/or the browser simulation server by the web browser on the browser simulation server by forwarding the information from the mail server via the web application server and the transaction server.

    9. The method according to claim 1, comprising the following method steps: storing the product link, at least temporarily, transmitted to the web application server in a queue list within the local memory including assigning the username and/or user-ID; collecting in the queue list further product links assignable to the user, the username and/or the user-ID and transmitted to the web application server by the user terminal prior to initiating the checkout process on the side of the user by means of the checkout trigger; processing the product links step-by-step in the queue list.

    10. A server system for processing internet-based purchase transactions in a majority of users, comprising: a web application server; a transaction server; and a browser simulation server, wherein the web application server is configured to receive purchasing information on an intended purchase transaction of a user and to transmit this together with stored user information and encrypted payment information to the transaction server, wherein the transaction server comprises means for decrypting the encrypted payment information received from the web application server, wherein the transaction server is configured to transmit the decrypted payment information together with the purchasing information and the stored information to the browser simulation server, wherein the transaction server is configured such that the communication between the web application server and the transaction server on the one hand and transaction server and browser simulation server on the other hand is effected exclusively via fixed ports with fixed IP addresses being assigned, wherein the server system comprises means for avoiding a direct communication between the web application server and the browser simulation server and wherein the server system comprises means for avoiding a direct communication of the transaction server with the internet, with the exception of a defined service access option.

    11. The server system according to claim 10, wherein this comprises a mail server, wherein the mail server and/or the web application server comprises means for automatically creating an email address including assigning a user, a username and/or a user-ID.

    12. The server system according to claim 11, wherein this comprises a customer data server for preferably storing purchasing information, username, user-ID, generated email addresses, further user data.

    13. The server system according to claim 12, wherein the customer data server is configured such that the communication between web application server and customer data server is effected exclusively via fixed ports including assigning fixed IP-addresses, wherein the server system comprises means for avoiding a direct communication between the customer data server and the browser simulation server, wherein the server system comprises means for avoiding a direct communication between the customer data server and the transaction server, wherein the server system comprises means for avoiding a direction communication between the customer data server and the mail server and wherein the server system comprises means for avoiding a direct communication of the customer data server with the internet, with the exception of a defined service access option.

    Description

    [0097] The invention will now be explained in detail with reference to the attached figures.

    [0098] FIG. 1 shows a procedure diagram for processing an internet-based purchase transaction of a user (100) at a vendor comprising the steps of: [0099] retrieval, by the user (100), of a product link (131) to the website (132) having the product to be acquired, by means of a browser (110) in a user terminal (101).

    [0100] FIG. 2 shows a procedure diagram for a procedure for processing an internet-based purchase transaction of a user (100) at a vendor comprising the steps of: [0101] retrieval, by the user (100), of a product link (131) to the website (132) having the product to be acquired, by means of a browser (110) in a user terminal (101); the user (100) selecting the product corresponding to the product link (131) and article information (205) via the browser (110) by means of an interaction trigger (113) independent of the vendor on the user terminal (101) via the browser (110) on the website (132) mapping the product link; [0102] transmitting the product link (131), and optionally article information (205) to a web application server (121) of a server system.

    [0103] The communication between server system and browser (110) can be replaced or complemented via a communication handler (111). The communication handler (111) may preferably be an app, a local application, a desktop or browser extension. It may be necessary for the communication handler to be separately installed prior to initial use.

    [0104] FIG. 3 shows a procedure diagram for an implementation of the method according to the invention, wherein the username (201) comprises an unequivocal user-ID generated by a server (121) of the server system, which upon request of the browser (110) on the user terminal (101) is transmitted by the web application server (121) to the browser (110) on the user terminal. Depending on the way in which the procedure is designed, this may be effected by means of a communication handler (111). Following completion of a registration process the user can log in via the browser (110) on his user terminal on the web application server (121) by entering a username (201) and associated password in addition to the username (201). The login data generated can be stored in a local memory (112) on the user terminal.

    [0105] FIG. 4 shows a procedure diagram for an implementation of the method according to the invention comprising the following further steps: [0106] initiation, by the user (100) of a checkout process by means of a checkout trigger (114) via the browser (110).

    [0107] The communication between the server (121) of the server system and the browser (110) may be replaced or complemented via a communication handler (111).

    [0108] FIG. 5 shows a procedure diagram for an implementation of the method according to the invention, in which the user (100) creates an account at a web application server (121) of the server system. This may comprise a registration step, in which the user (100) registers with the web application server (121) by preferably indicating at least his email address or telephone number and optionally further user data (210) by means of entering these via the browser or the communication handler (111) on the user terminal (101), and the user (100) is allocated a username (201), wherein the username (201) is stored both within the server system as well as within the user terminal (101) in a local memory (112) taking into account the user-ID (203).

    [0109] FIG. 6 shows, with regard to an implementation of the method according to the invention, a procedure diagram for the login process of a user (100). Following completion of a registration process the user can log in via the browser (110) on his user terminal on the web application server (121) by entering a username (201) and associated password in addition to the username (201). The communication between the server (121) of the server system and the user terminal (101) und/or the browser (110) may be replaced or complemented via a communication handler (111).

    [0110] FIG. 7 shows, with regard to an implementation of the method according to the invention, a procedure diagram for combining the username (201) and the purchase transaction data. Following completion of a registration process the user can log in via the browser (110) on his user terminal (101) on the web application server (121) by entering a username (201) and associated password in addition to the username (201). Following the login process the product links (131) assigned to the possibly changed user-ID (203) are stored on the server system, preferably on the web application server (121), and assigned together with the username (201) and user-ID (203) via the browser (110) to the local memory (112). The communication between the server (121) of the server system and the user terminal (101) und/or the browser (110) may be replaced or complemented via a communication handler (111).

    [0111] FIGS. 8 and 9, with regard to an implementation of the method according to the invention, show a procedure diagram for the input of payment data. As part of the user's checkout the server system (120) is queried for payment information (220), which on the side of the user terminal (101), via the browser (110), is encrypted by means of an encryption key (202) on a transaction server (122) and then stored back via the web application server (121) and the browser (110) on the user terminal (101) encrypted in a local memory (112). The encryption key (202), which is suitable for decryption of the payment information (220) stored on the user terminal (101) by the transaction server (122), is preferably stored within the server system (120), especially preferably on the transaction server (122).

    [0112] FIG. 10 shows, with regard to an implementation of the method according to the invention, a procedure diagram for the hand-over of the article information (205), the product link (131) and the username (201) as well as user-ID (203) to a checkout queue. The method comprises the following additional method steps: [0113] storing the product link (131), at least temporarily, transmitted to the web application server (121) and the article information (205) in a queue list (115) within the local memory (112) via the browser (110), including assigning the username (201) and/or user-ID (203); [0114] collecting further product links assignable to the username (201) and transmitted to the web application server (121) from the local memory (112) via the browser (110), in the queue list (115) after initiation of the checkout process on the part of the user (100) by means of the checkout trigger; [0115] processing the product links (131) in the queue list (115) and the associated article information (205) step by step by sending the product links (131), the username (201) and/or the user-ID (203) to the web application server (121). The communication between the server (121) of the server system and the user terminal (101) and/or the browser (110) may be replaced or complemented via a communication handler (111).

    [0116] FIG. 11 shows, with regard to an implementation of the method according to the invention, a procedure diagram for processing the checkout for a first unfinished shop in the queue list (115). The method comprises the following steps: [0117] retrieving a product link (131) placed in the queue list (115) from the local memory (112) of the user terminal; [0118] transmitting the product link (131) to a web application server (121) of a server system (120) together with a username (201) and/or the user-ID (203 as well as further article information (205); [0119] transmitting the product link (131) as well as optionally further user data (210) stored on a transaction server (122) which is independent of the web application server (121) together with the username (201); [0120] subsequently forwarding the product link (131) together with a username (201) and/or user-ID (203) as well further article information (205) from the transaction server (122) to the browser simulation server (123) and opening a browser (1231) on the browser simulation server (123); [0121] retrieving the product link (131) in the browser (1231) opened on the browser simulation server (123) and simulating the inputs for the further article information (205), the username (201) within the browser (1231);

    [0122] The communication between the server (121) of the server system and the user terminal (101) and/or the browser (110) may be replaced or complemented via a communication handler (111).

    [0123] FIG. 12 shows, with regard to an implementation of the method according to the invention, a procedure diagram for the transfer of an article/the product link (131) corresponding to the article (131) and the associated user data (210), as well as the username (201) from the central shopping cart into the respective shopping cart of a shop page (130), as well as returning a status message (242) from the shop page (130) to the browser simulation server (123).

    [0124] FIG. 13 shows, with regard to an implementation of the method according to the invention, a procedure diagram for creating an account with a web shop (130) by means of an email address (204) generated within the server system and assigned to the user-ID (203) or the username (201).

    [0125] FIG. 14 shows, with regard to an implementation of the method according to the invention, a procedure diagram for confirming a purchase transaction by means of double-opt-in with a web shop (130) triggered by calling the mail server (124) of the email sent by the web shop (130).

    [0126] FIG. 15 shows, with regard to an implementation of the method according to the invention, a procedure diagram for executing a payment operation. The method comprises the following method steps: [0127] query by the transaction server (122) to a browser simulation server (123) regarding the possibility of a certain payment option; [0128] replying to the query from the transaction server (122) regarding a certain payment option with yes or no by the browser simulation server (123); [0129] if the reply to the query from the transaction server (122) regarding a certain payment option by the browser simulation server (123) is yes, the following steps are executed: [0130] in case of missing data regarding a certain payment option from the browser simulation server (123), the missing data are queried from the user (100) via the transaction server (122) and the web application server (121) and the non-encrypted/decrypted payment information (221) is transmitted via the web application server (121) to the transaction server (122) for encryption with a generated encryption key (202) and delivery of the encrypted payment information (220) via the web application server to the local memory (112). [0131] querying the encrypted payment information (220) from the local memory (112) via the browser (110) by the web application server (121) and transmission to the transaction server (122); [0132] decrypting the encrypted payment information (220) by means of the encryption key (202) and forwarding the decrypted payment information (221) to the browser simulation server (123); [0133] if the reply to the query from the transaction server (122) regarding a certain payment option by the browser simulation server (123) is no, querying an alternative certain payment option by the transaction server (122) from the browser simulation server (123); [0134] triggering a payment routine regarding the certain payment option in the web shop (130) by the browser simulation server (123); [0135] transmitting the decrypted payment information from the browser simulation server (123) to a payment provider (140) corresponding to the certain payment option; [0136] query by the transaction server (122) to the browser simulation server (123) regarding the completion of the purchase transaction; [0137] confirming completion of the purchase transaction by the browser simulation server (123) to the transaction server (122) with yes or no; [0138] if the reply to the query from the transaction server (122) to the browser simulation server (123) regarding completion of the purchase transaction is yes, a success message is sent to the web application server (121) together with the username (201); [0139] upon receipt of a success message from the transaction server (122) a success message is sent by the web application server (121) to the user terminal (101). The communication between the server (121) of the server system and the user terminal (101) and/or the browser (110) may be replaced or complemented via a communication handler (111).

    TABLE-US-00001 Reference Symbols: 100 User 101 User terminal 110 Browser 111 Communication handler 112 Local memory 113 Interaction trigger 114 Checkout trigger 115 Queue list 120 Server system 121 Web application server 122 Transaction server 123 Browser simulation server 124 Mail server 125 Customer data server 130 Shop page 131 Product link 132 Website having the Product link 139 Vendor 140 Payment provider 200 Purchase information 201 Username 202 Encryption key 203 User-ID 204 Generated email address 205 Additional article information 210 Further user data 220 Encrypted payment information 221 Decrypted payment information 231 Stored execution data 241 Predefined payments 242 Status message (yes/no) 1221 Fixed port 1222 Fixed port 1223 Fixed port 1231 Web browser