Four-party credit/debit payment protocol

Abstract

A method, system, program, and method of doing business are disclosed for electronic commerce that includes the feature of a “thin” consumer's wallet by providing issuers with an active role in each payment. This is achieved by adding an issuer gateway and moving the credit/debit card authorization function from the merchant to the issuer. This enables an issuer to independently choose alternate authentication mechanisms without changing the acquirer gateway. It also results in a significant reduction in complexity, thereby improving the ease of implementation and overall performance.

Description

thenor asymmetric digital signaturethemessage33. 3. In FIG. 4, path 224, the Wallet initiation message causes consumer's browser to start consumer's wallet. Consumer is prompted to logon to the wallet using userid/password, smartcard, or other appropriate authentication mechanism. Wallet sends data from step 1, plus consumer's identity and authentication data to the issuer gateway.

4. In FIG. 4, path 402, the issuer gateway verifies the merchant's signature and digital certificate to validate that the merchant and issuer share a common financial arrangement established by national law or a financial association such as MasterCard, Visa, an ATM network, or similar organization. Issuer gateway authorizes payment via issuer's credit card processing system. Issuer gateway generates and sends a signed authorization token directly to the merchant, along with the issuer gateway's certificate. The authorization token contains the data from step 1 plus a merchant identifier and a reference to the consumer's credit card number, as with the base protocol.

Note that the authorization token is “bound” to the particular payment by the reference to the consumer's credit card number, merchant identifier, payment amount, timestamp, and nonce. This means that a specific authorization token is good for just one payment.

• • 5. In FIG. 4, path 402, the merchant verifies both the issuer gateway's signature and the data in the authorization token. No separate realtime authorization is required since the payment is “pre-authorized” before it reaches the merchant. Merchant sends acknowledgement back to issuer gateway.
  • 5 6. In FIG. 4, path 224, the Issuer gateway sends acknowledgement back to the consumer wallet, which terminates so that normal browsing can proceed.
  • 6 7. In FIG. 4, path 242, at some later time, the merchant submits the authorization token in a capture request to the acquirer's payment gateway. The capture request tells the acquirer to actually post the charge to the consumer's credit or debit account.

The difference between this and the base design is that the issuer gateway sends the authorization token directly to the merchant, instead of relaying it through the consumer wallet. The primary advantage of this design is that it matches a “thin” wallet design by moving responsibility for error recovery to the issuer gateway. The disadvantage is that the consumer wallet (and hence the consumer) has less opportunity to be aware of the progress of the payment.

The principle of operation of the invention applies to both non-interactive internet communications such as email, as well as to interactive applications such as the World Wide Web. The method of the invention includes the step of sending from a consumer's computer to an issuer gateway for an issuing bank, an authorization request message containing consumer identity and authentication information, payment amount, an order description, a timestamp, a digital certificate representing a merchant, and a digital certificate representing the merchants acquiring bank. Then the method continues with the merchant's digital certificate containing a merchant identifier unique for the acquiring bank. Then the method continues with the acquiring bank's digital certificate containing a bank identifier unique among all banks sharing a common financial arrangement. Then the method continues with the step of validating at the issuer gateway the merchant's certificate and the acquirer's certificate to prove that the merchant, acquirer, and issuer share a common financial arrangement. Then the method continues with the step of the issuer gateway verifying the consumer's account and ensuring that funds and/or credit are available to support the payment amount, then authorizing payment by sending over the internet network an authorization token, an issuer's digital certificate, and a reference to the consumer's credit or debit card number. Then the method continues with the authorization token including the payment amount, order description, timestamp, a random nonce, the merchant identifier from the merchant's digital certificate, and the acquiring bank identifier from the acquiring bank's digital certificate, plus a reference to the consumer's credit or debit card number. Then the method continues with the authorization token being digitally signed by the issuing bank. Then the method continues with the step of merchant's computer receiving the authorization token and fulfilling the order description.

The method can include the feature of sending from a merchant's computer over an internet network to a consumer's computer, a merchant message including a wallet initiation message, a merchant digital certificate, and a digital certificate from an acquiring bank, the wallet initiation message including a payment amount, an order description, and a timestamp. Then the method starts a consumer's wallet program in the consumer's computer in response to the wallet initiation message. Then the consumer's wallet program sends the authorization request message.

The method can include the feature of including with the wallet initiation message a merchant's digital signature of the wallet initiation message, including the wallet initiation message and the merchant's digital signature in the authorization request message, and verifying at the issuer gateway the merchant's signature to prove that the consumer is dealing with the actual merchant.

The merchant's computer can perform the steps of receiving the authorization token, verifying the issuer's signature, digital certificate, the payment amount and merchant identity in the authorization token, verifying the freshness of the authorization token via the timestamp in the token, using the nonce in the authorization token to recognize duplicate tokens, and fulfilling the order description.

The merchant can claim payment through the acquiring bank by forwarding the customer reference number and payment amount to the acquiring bank. In the case of a subsequent dispute, the merchant proves payment authorization by submitting a copy of the authorization token and issuer's digital certificate to the acquiring bank. The acquiring bank verifies the issuer's signature on the authorization token, validates the issuer's digital certificate, checks for duplicates via the timestamp in the authorization token, and then the acquiring bank pays the amount indicated in the authorization token.

The authorization request message and authorization token can include a hash of an order description instead of the actual order description, the order description itself being available separately at the merchant, the merchant validating that the authorization token refers to the same order description by comparing the hash of the order description in the authorization token against a locally-computed hash of the same order description.

Although specific embodiments of the invention have been disclosed, it will be understood by those skilled in the art that changes can be made to those specific embodiments without departing from the spirit and the scope of the invention.

Claims

1. A method for electronic commerce, comprising:

forming a four party payment protocol for electronic sales including a consumer's computer coupled to a merchant's computer and to an issuing bank computer via an issuer gateway, the merchant computer being further coupled to an acquiring bank computer;

sending from a merchant's computer over an internet network to a consumer's computer, a merchant message including a wallet initiation message, a merchant digital signature, and a digital certificate from an acquiring bank, said wallet initiation message including a payment amount, an order description, and a timestamp;

starting a consumer's wallet program in said consumer's computer in response to said wallet initiation message;

sending from said consumer's computer consumer identity and authentication information and said merchant message, to an issuer gateway for an issuing bank;

the issuing bank creating a reference number or value representing the consumer's credit or debit card number by repairing a table of credit card or debit card numbers and a corresponding table of reference numbers, the issuing bank pairing the consumer's card number with a selected reference number and outputting the reference number to the issuer gateway;

verifying at said issuer gateway said merchant's signature to prove that the consumer is dealing with the actual merchant and validating at said issuer gateway the merchant's certificate and the acquirer's certificate to prove that the merchant and issuer share a common financial arrangement;

said issuer gateway verifying the consumer's account and ensuring that at least one of funds and/or and credit are available to support the payment amount, then authorizing payment by sending to the consumer over said internet network an authorization token, an issuer's digital certificate, said wallet initiation message, and a reference to said consumer's credit or debit card number;

said authorization token including the payment amount, order description, timestamp, a random nonce plus a merchant identifier and a reference to the consumer's credit or debit card number; and

said merchant's computer receiving said authorization token and fulfilling said order description.

2. The method for electronic commerce of claim 1, which further comprises:

sending from said consumer's computer a start message over the internet network to the merchants computer, to initiate said merchant's message.

3. The method for electronic commerce of claim 1, wherein said wallet initiation message includes a nonce.

4. The method for electronic commerce of claim 1, wherein said merchant's computer further performs the steps comprising:

receiving said authorization token;

verifying the issuer's signature, digital certificate, the payment amount and merchant identity in the authorization token;

verifying the freshness of the authorization token via the timestamp in the token;

using the nonce in the authorization token to recognize duplicate tokens; and

fulfilling said order description.

5. The method for electronic commerce of claim 1, wherein said consumer identity and authentication information is a userid and a password.

6. The method for electronic commerce of claim 1, wherein said consumer identity and authentication information is an ATM debit card number and PIN.

7. The method for electronic commerce of claim 1, wherein said consumer identity and authentication information is a smart card's account number and a symmetric message Authentication Code (MAC).

8. The method for electronic commerce of claim 1, wherein said consumer identity and authentication information is a smart card's account number and an asymmetric digital signature.

9. The method for electronic commerce of claim 1, wherein said consumer identity and authentication information is a consumer's digital signature and digital certificate.

10. The method for electronic commerce of claim 1, wherein said authorization token includes a dummy card number for use in routing payment to an appropriate one of a plurality of issuing banks;

said dummy card number being shared among all cardholders of a particular issuing bank.

11. The method for electronic commerce of claim 1, wherein said consumer identity and authentication information is a consumer's digital certificate and matching asymmetric digital signature.

12. The method for electronic commerce of claim 1, wherein said consumer identity and authentication information is a is a user account number and a symmetric MAC or asymmetric digital signature.

13. The method for electronic commerce of claim 1, wherein said consumer identity and authentication information is a is a user account number and an asymmetric digital signature.

14. The method for electronic commerce of claim 1, wherein said consumer identity information is a consumer's biometric signal.

15. The method for electronic commerce of claim 1, wherein said issuer gateway sends said authorization token to said consumer, and the consumer forwards said authorization token to said merchant.

16. The method for electronic commerce of claim 1, wherein said issuer gateway sends said authorization token directly to said merchant.

17. The method for electronic commerce of claim 1, wherein said reference to said credit card is an alias card number that is mapped at the issuing bank to the real card number, thereby preventing use of the consumer's credit card number without said authorization token.

18. The method for electronic commerce of claim 1, wherein said reference to said card is an authorization number allocated uniquely by the issuer gateway for each authorization, enabling it to be passed by an acquirer gateway back to the issuing bank in a capture message;

said issuing bank maintaining a database mapping authorization numbers to card numbers, so that when the issuing bank receives the capture message, it uses the database mapping to determine the consumer's card number.

19. The method for electronic commerce of claim 1, which further comprises:

a digital certificate hierarchy that covers issuing banks, acquiring banks, and merchants.

20. The method for electronic commerce of claim 19, wherein said certificate hierarchy is used with public-key digital signatures to identify said merchant and said issuing bank.

21. The method for electronic commerce of claim 20, wherein said certificates represent common financial agreements and obligations among said merchant and said issuing bank.

22. The method for electronic commerce of claim 21, wherein the issuing bank certificates identify and help authenticate issuing banks to merchants, providing a basis for the merchants to trust the authorization tokens provided by the issuing banks.

23. The method for electronic commerce of claim 22, wherein an acquiring bank certificate and a merchant certificate identify and help authenticate said acquiring bank and said merchant to issuing banks;

said merchant certificate identifying the merchant to the consumer and verifying that the merchant is a valid participant of a payment scheme, before the issuing bank provides said authorization token.

24. The method for electronic commerce of claim 1, wherein split shipments are supported by an additional message interaction between the merchant and issuer gateway, comprising:

the merchant sending the authorization token to the issuer gateway identified in the issuer's digital certificate, including details of a split requirement, such as the amount of a first payment, the merchant authenticating the request by signing it and including the merchant's digital certificate;

the issuer gateway verifying that the merchant signing message is the same merchant that signed an original request, verifying the split request according to business and risk management policies, and responding with a new authorization token in a message to the merchant;

the merchant forwarding the new authorization token in a capture message the acquirer gateway;

the merchant resubmitting the new authorization token to the acquirer gateway m in a second message, whenever the merchant has shipped a second part of the shipment.

25. The method for electronic commerce of claim 1, comprising:

the issuer offering the consumer a payment schedule conditioned on the merchant name from the merchant's digital certificate and the amount of payment from the initiation message.

26. The method of claim 1 further comprising:

sending a capture request message including the reference number representing the consumer's card number over the internet from the merchant to an acquirer gateway operating on behalf of an acquirer bank to capture the transaction and disburse payment to the merchant.

27. The method of claim 1 further comprising the step of:

settling accounts with the issuing bank by the acquiring bank over a private network by sending a settlement message that includes the reference number to the consumer's card number.

28. The method of claim 1 further comprising the step of

converting the reference number into the consumer's card number by the issuing bank and applying the transaction amount to the consumer's balance in his credit card or deposit account.

29. The method of claim 1 further comprising the step of:

proving that the issuing bank authorized the payment to the merchant by the combination of the issuing bank's signature on the authorization token, digital certificate, and the contents of the authorization token, providing undeniable proof that the issuing bank authorized the payment.

30. A system for electronic commerce, comprising:

connecting apparatus which forms a four party payment protocol for electronic sales including a consumer's computer coupled to a merchant's computer and to an issuing bank computer via an issuer gateway, the merchant computer being further coupled to an acquiring bank computer;

the merchant's computer sending over an internet network to the consumer's computer, a merchant message including a wallet initiation message, a merchant digital signature, and a digital certificate from an acquiring bank, said wallet initiation message including a payment amount, an order description, and a timestamp;

the consumer's wallet program in said consumer's computer responsive to said wallet initiation message, for sending from said consumer's computer consumer identity and authentication information and said merchant message, to the issuer gateway for an issuing bank;

the issuing bank creating a reference number or value representing the consumer's credit or debit card number by preparing a table of credit card or debit card numbers and a corresponding table of reference numbers, the issuing bank pairing the consumer's card number with a selected reference number and outputting the reference number to the issuer gateway;

the issuer gateway verifying said merchant's signature to prove that the consumer is dealing with the actual merchant and validating at said issuer gateway the merchant's certificate and the acquirer's certificate to prove that the merchant and issuer share a common financial arrangement;

said issuer gateway verifying the consumer's account and ensuring that funds and/or credit are available to support the payment amount, then authorizing payment by sending over said internet network an authorization token, an issuer's digital certificate, said wallet initiation message, and a reference to said consumer's credit or debit card number;

said authorization token including the payment amount, order description, timestamp, a random nonce plus a merchant identifier and a reference to the consumer's credit or debit card number;

said merchant's computer receiving said authorization token and fulfilling said order description; and

said merchant sending a capture request message including the reference number representing the consumer's card number over the internet to an acquirer gateway operating on behalf of an acquirer bank to capture the transaction and disburse payment to the merchant.

31. A computer program product, comprising:

computer program code forming a four party payment protocol for electronic sales including a consumer's computer coupled to a merchant's computer and to an issuing bank computer via an issuer gateway, the merchant computer being further coupled to an acquiring bank computer;

computer program code means for sending from the merchant's computer over an internet network to the consumer's computer, a merchant message including a wallet initiation message, a merchant digital signature, and a digital certificate from an acquiring bank, said wallet initiation message including a payment amount, an order description, and a timestamp;

computer program code means for starting a consumer's wallet program in said consumer's computer in response to said wallet initiation message;

computer program code means for sending from said consumer's computer consumer identity and authentication information and said merchant message, to the issuer gateway for an issuing bank;

computer program code at the issuing bank creating a reference number or value representing the consumer's credit or debit card number by preparing a table of credit card or debit card numbers and a corresponding table of reference numbers, the issuing bank pairing the consumer's card number with a selected reference number and outputting the reference number to the issuer gateway;

computer program code verifying at said issuer gateway said merchant's signature to prove that the consumer is dealing with the actual merchant and validating at said issuer gateway the merchant's certificate and the acquirer's certificate to prove that the merchant and issuer share a common financial arrangement;

said issuer gateway verifying the consumer's account and ensuring that funds and/or credit are available to support the payment amount, then authorizing payment by sending over said internet network an authorization token, an issuer's digital certificate, said wallet initiation message, and a reference to said consumer's credit or debit card number;

said authorization token including the payment amount, order description, timestamp, a random nonce plus a merchant identifier and a reference to the consumer's credit or debit card number;

said merchant's computer receiving said authorization token and fulfilling said order description; and

computer program code at the acquiring bank settling accounts with the issuing bank over a private network by sending a settlement message that includes the reference number to the consumer's card number.

32. A data processing system for electronic commerce, comprising: connecting apparatus which forms a four party payment protocol for electronic sales including a consumer's computer coupled to a merchant's computer and to an issuing bank computer via an issuer gateway, the merchant computer being further coupled to an acquiring bank computer;

sending apparatus which sends from a merchant's computer over an internet network to a consumer's computer, a merchant message including a wallet initiation message, a merchant digital signature, and a digital certificate from an acquiring bank, said wallet initiation message including a payment amount, an order description, and a timestamp;

means for starting a consumer's wallet program in said consumer's computer in response to said wallet initiation message;

means for sending from said consumer's computer consumer identity and authentication information and said merchant message, to an issuer gateway for an issuing bank;

the issuing bank creating a reference number or value representing the consumer's credit or debit card number by preparing a table of credit card or debit card numbers and a corresponding table of reference numbers, the issuing bank pairing the consumer's card number with a selected reference number and outputting the reference number to the issuer gateway;

means for verifying at said issuer gateway said merchant's signature to prove that the consumer is dealing with the actual merchant and validating at said issuer gateway the merchant's certificate and the acquirer's certificate to prove that the merchant and issuer share a common financial arrangement;

said issuer gateway verifying the consumer's account and ensuring that finds and/or credit are available to support the payment amount, then authorizing payment by sending over said internet network an authorization token, an issuer's digital certificate, said wallet initiation message, and a reference to said consumer's credit or debit card number;

said authorization token including the payment amount, order description, timestamp, a random nonce plus a merchant identifier and a reference to the consumer's credit or debit card number;

said merchant's computer receiving said authorization token and fulfilling said order description; and

the issuing bank converting the reference number into the consumer's card number and applying the transaction amount to the consumer's balance in his credit card or deposit account.

33. The data processing system for electronic commerce of claim 32, which further comprises:

means for sending from said consumer's computer a start message over the internet network to the merchant's computer, to initiate said merchant's message.

34. The data processing system for electronic commerce of claim 32, wherein said wallet initiation message includes a nonce.

35. The data processing system for electronic commerce of claim 32, wherein said merchant's computer further comprises:

means for receiving said authorization token;

means for verifying the issuer's signature, digital certificate, the payment amount and merchant identity in the authorization token;

means for verifying the freshness of the authorization token via the timestamp in the token;

means for using the nonce in the authorization token to recognize duplicate tokens; and

means for fulfilling said order description.

36. The data processing system for electronic commerce of claim 32, wherein said reference to said credit card is a consumer credit or debit account number.

37. A method for electronic commerce, comprising:

forming a four party payment protocol for electronic sales including a consumer's computer coupled to a merchant's computer and to an issuing bank computer via an issuer gateway, the merchant computer being further coupled to an acquiring bank computer;

sending from a merchant's computer over an internet network to a consumer's computer, a merchant message including a wallet initiation message, a merchant digital signature, and a digital certificate from an acquiring bank, said wallet initiation message including a payment amount, an order description, and a timestamp;

said acquiring bank's digital certificate containing a network address or URL that identifies the network location of said acquiring bank contacted via an internet network as part of a payment protocol;

starting a consumer's wallet program in said consumer's computer in response to said wallet initiation message;

sending from said consumer's computer consumer identity and authentication information and said merchant message, to an issuer gateway for an issuing bank;

the issuing bank creating a reference number or value representing the consumer's credit or debit card number by preparing a table of credit card or debit card numbers and a corresponding table of reference numbers, the issuing bank pairing the consumer's card number with a selected reference number and outputting the reference number to the issuer gateway;

verifying at said issuer gateway said merchant's signature to prove that the consumer is dealing with the actual merchant and validating at said issuer gateway the merchant's certificate and the acquirer's certificate to prove that the merchant and issuer share a common financial arrangement;

said issuer gateway verifying the consumer's account and ensuring that funds and/or credit are available to support the payment amount, then authorizing payment by sending over said internet network an authorization token, an issuer's digital certificate, said wallet initiation message, and a reference to said consumer's credit or debit card number;

said issuer's digital certificate containing a network address or URL that identifies the network location of the issuer contacted via an internet network as part of a payment protocol;

said authorization token including the payment amount, order description, timestamp, a random nonce plus a merchant identifier and a reference to the consumer's credit or debit card number;

said merchant's computer receiving said authorization token and fulfilling said order description;

said merchant sending a capture request message including the reference number representing the consumer's card number over the internet to an acquirer gateway operating on behalf of an acquirer bank to capture the transaction and disburse payment to the merchant;

the acquiring bank settling accounts with the issuing bank over a private network by sending a settlement message that includes the reference number to the consumer's card number; and

the issuing bank converting the reference number into the consumer's card number and applying the transaction amount to the consumer's balance in his credit card or deposit account.

38. A method for electronic commerce, comprising:

forming a four party payment protocol for electronic sales including a consumer's computer coupled to a merchant's computer and to an issuing bank computer via an issuer gateway, the merchant computer being further coupled to an acquiring bank computer;

sending from the consumer's computer consumer to an issuer gateway for an issuing bank, an authorization request message containing consumer identity and authentication information, payment amount, an order description, a timestamp, a digital certificate representing a merchant, and a digital certificate representing the merchant's acquiring bank;

said merchant's digital certificate containing a merchant identifier unique for the acquiring bank;

said acquiring bank's digital certificate containing a bank identifier unique among all banks sharing a common financial arrangement;

validating at said issuer gateway the merchant's certificate and the acquirer's certificate to prove that the merchant, acquirer, and issuer share a common financial arrangement;

said issuer gateway verifying the consumer's account and ensuring that funds and/or credit are available to support the payment amount, then authorizing payment by sending over said internet network an authorization token, an issuer's digital certificate, and a reference to said consumer's credit or debit card number;

said authorization token including the payment amount, order description, timestamp, a random nonce, said merchant identifier from the merchant's digital certificate, and said acquiring bank identifier from said acquiring bank's digital certificate, plus a reference to the consumer's credit or debit card number;

said authorization token being digitally signed by the issuing bank;

said merchant's computer receiving said authorization token and fulfilling said order description

said merchant sending a capture request message including the reference number representing the consumer's card number over the internet to an acquirer gateway operating on behalf of an acquirer bank to capture the transaction and disburse payment to the merchant;

the acquiring bank settling accounts with the issuing bank over a private network by sending a settlement message that includes the reference number to the consumer's card number; and

the issuing bank converting the reference number into the consumer's card number and applying the transaction amount to the consumer's balance in his credit card or deposit account.

39. The method for electronic commerce of claim 38, which further comprises:

sending from a merchant's computer over an internet network to a consumer's computer, a merchant message including a wallet initiation message, a merchant digital signature, and a digital certificate from an acquiring bank, said wallet initiation message including a payment amount, an order description, and a timestamp;

starting a consumer's wallet program in said consumer's computer in response to said wallet initiation message;

said consumer's wallet program sending the authorization request message.

40. The method for electronic commerce of claim 39, which further comprises:

including with the wallet initiation message a merchant's digital signature of the wallet initiation message;

including the wallet initiation message and said merchant's digital signature in the authorization request message;

verifying at said issuer gateway said merchant's signature to prove that the consumer is dealing with the actual merchant.

41. The method for electronic commerce of claim 40, which further comprises:

sending from said consumer's computer a start message over the internet network to the merchant's computer, to initiate said merchant's message.

42. The method for electronic commerce of claim 40, wherein said wallet initiation message includes a nonce.

43. The method for electronic commerce of claim 40, wherein said merchant's computer further performs the steps comprising:

receiving said authorization token;

verifying the issuer's signature, digital certificate, the payment amount and merchant identity in the authorization token;

verifying the freshness of the authorization token via the timestamp in the token;

using the nonce in the authorization token to recognize duplicate tokens; and

fulfilling said order description.

44. The method for electronic commerce of claim 38, wherein the merchant claims payment through the acquiring bank by forwarding the customer reference number and payment amount to the acquiring bank.

45. The method for electronic commerce of claim 44, wherein the case of a subsequent dispute, the merchant proves payment authorization by submitting a copy of the authorization token and issuer's digital certificate to the acquiring bank.

46. The method for electronic commerce of claim 38, wherein the merchant claims payment through the acquiring bank by forwarding the authorization token and issuer's digital certificate to the acquiring bank;

the acquiring bank verifying the issuer's signature on the authorization token, validating the issuer's digital certificate, checking for duplicates via the timestamp in the authorization token; and the acquiring bank paying the amount indicated in the authorization token.

47. The method for electronic commerce of claim 38, wherein said authorization request message and authorization token includes a hash of an order description instead of the actual order description, the order description itself being available separately at the merchant, the merchant validating that the authorization token refers to the same order description by comparing the hash of the order description in the authorization token against a locally-computed hash of the same order description.

48. The method for electronic commerce of claim 38, wherein said reference to said credit card is a consumer credit or debit account number.

49. The method for electronic commerce of claim 48, wherein the confidentiality of said credit or debit account number is maintained by using a higher-level security protocol, such as encrypted email or SSL, to protect the communications among the consumer and the issuer gateway, the consumer and the merchant, the issuer gateway and the merchant, and, if applicable, the merchant and the acquirer.

50. A method for electronic commerce, comprising:

forming a four party payment protocol for electronic sales, the four party payment protocol including a consumer's computer coupled to a merchant's computer and to an issuing bank computer via an issuer gateway, the merchant computer being further coupled to an acquirer bank computer;

sending from the merchant's computer, over an internet network to the consumer's computer, a merchant message including a wallet initiation message, and a digital certificate of a merchant provided by an acquiring bank, said wallet initiation message including a payment amount, an order description, a merchant identifier and a timestamp;

starting a consumer's wallet program in said consumer's computer in response to said wallet initiation message;

sending from said consumer's computer consumer identity and authentication information and said merchant message, to the issuer gateway for an issuing bank;

the issuing bank creating a reference number or value representing the consumer's credit or debit card number by preparing a table of credit card or debit card numbers and a corresponding table of reference numbers, the issuing bank pairing the consumer's card number with a selected reference number and outputting the reference number to the issuer gateway;

verifying at said issuer gateway that the merchant and issuer share a common financial arrangement;

said issuer gateway verifying the consumer's account and ensuring that funds and/or credit are available to support the payment amount, then authorizing payment by sending over said internet network an authorization token, an issuer's digital certificate, said wallet initiation message, and a reference to said consumer's credit or debit card number;

said authorization token including the payment amount, order description, timestamp, a random nonce plus a merchant identifier and a reference to the consumer's credit or debit card number;

said merchant's computer receiving said authorization token and fulfilling said order description; and

sending a capture request message including the reference number representing the consumer's card number over the internet from the merchant to an acquirer gateway operating on behalf of an acquirer bank to capture the transaction and disburse payment to the merchant.

51. The method of claim 50 further comprising:

providing the merchant's digital signature and matching certificate to the consumer's computer.

52. The method of claim 50 further comprising

the issuer gateway signing the authorization token.

53. A method for electronic commerce, comprising:

means for forming a four party payment protocol for electronic sales, the four party payment protocol including a consumer's computer coupled to a merchant's computer and to an issuing bank computer via an issuer gateway, the merchant computer being further coupled to an acquiring bank computer;

the merchant's computer sending over an internet network to the consumer's computer, a merchant message including a wallet initiation message, and a digital certificate of a merchant provided by an acquiring bank, said wallet initiation message including a payment amount, an order description, a merchant identifier and a timestamp;

a consumer's wallet program in said consumer's computer responsive to said wallet initiation message, for sending from said consumer's computer consumer identity and authentication information and said merchant message, to the issuer gateway for an issuing bank;

the issuing bank creating a reference number or value representing the consumer's credit or debit card number by preparing a table of credit card or debit card numbers and a corresponding table of reference numbers, the issuing bank pairing the consumer's card number with a selected reference number and outputting the reference number to the issuer gateway;

the issuer gateway verifying that the merchant and issuer share a common financial arrangement;

said issuer gateway verifying the consumer's account and ensuring that funds and/or credit are available to support the payment amount, then authorizing payment by sending over said internet network an authorization token, an issuer's digital certificate, said wallet initiation message, and a reference to said consumer's credit or debit card number;

said authorization token including the payment amount, order description, timestamp, a random nonce plus a merchant identifier and a reference to the consumer's credit or debit card number;

said merchant's computer receiving said authorization token and fulfilling said order description; and

settling apparatus which settles accounts with the issuing bank by the acquiring bank over a private network by sending a settlement message that includes the reference number to the consumer's card number.

54. The system of claim 53 further comprising:

means for providing the merchant's digital signature and matching certificate to the consumer's computer; and

means for issuing gateway to sign the authorization token.

55. A method of operating a four party payment protocol in accordance with a gateway associated with an issuing bank, the method comprising the steps of:

receiving at the gateway, from a computer of a consumer, information associated with the consumer computer and a merchant message from a computer of a merchant with which the consumer is engaging in a transaction, the merchant message comprising a wallet initiation message comprising a payment amount, an order description, a merchant identifier and a timestamp;

receiving at the gateway, from the issuing bank, a reference number, the reference number having been created by the issuing bank and representing a credit card number or a debit card number of the consumer, the issuing bank maintaining a table of credit card numbers or debit card numbers and corresponding reference numbers wherein the consumer's card number is paired with the reference number;

verifying at the gateway an account of the consumer and ensuring that at least one of funds and credit support the payment; and

authorizing payment by sending an authorization token, the authorization token comprising the payment amount, the order description, the merchant identifier, the timestamp, and the reference number, wherein the merchant's computer receives the authorization token, initiates fulfillment of the order description, and sends a capture request message comprising the reference number, to an acquirer bank;

wherein the acquirer bank captures the transaction and disburses payment to the merchant; and further

wherein the issuing bank, in response to a message from the acquirer bank, converts the reference number into the consumer's credit or debit card number and applies the payment amount to a balance in the account of the consumer.

56. The method of claim 55, wherein the gateway associated with the issuing bank sends the authorization token to the merchant computer via the consumer computer.

57. The method of claim 55, wherein the gateway associated with the issuing bank sends the authorization token directly to the merchant computer.

58. The method of claim 55, further comprising the step of the gateway associated with the issuing bank signing the authorization token.

59. A method of operating a four party payment protocol in accordance with a computer of a merchant, the method comprising the steps of:

sending a message from the merchant computer to a computer of a consumer with which the merchant computer is engaging in a transaction, the merchant message comprising a wallet initiation message, the wallet initiation message comprising a payment amount, an order description, a merchant identifier and a timestamp, wherein the merchant message is sent to a gateway associated with an issuing bank, via the consumer computer, along with information associated with the consumer computer;

receiving at the merchant computer an authorization token sent by the gateway after the gateway has verified an account of the consumer and ensured that at least one of funds and credit support the payment amount, the authorization token comprising the payment amount, the order description, the merchant identifier, the timestamp, and a reference number, the reference number having been created by the issuing bank and representing a credit card number or a debit card number and corresponding reference numbers wherein consumer's card number is paired with the reference number;

initiating fulfillment of the order description at the merchant computer; and

sending from the merchant computer to an acquirer bank, a capture request message comprising the reference number,

wherein the acquirer bank captures the transaction and disburses payment to the merchant; and further

wherein the issuing bank, in response to a message from the acquirer bank, converts the reference number into the consumer's credit or debit card number and applies the payment amount to a balance in the account of the consumer.

60. The method for electronic commerce of claim 1, wherein said wallet initiation message includes a nonce.

61. The method for electronic commerce of claim 1, wherein said consumer identity and authentication information is a userid and a password.

62. The method for electronic commerce of claim 1, wherein said consumer identity and authentication information is an ATM debit card number and PIN.

63. The method for electronic commerce of claim 1, wherein said consumer identity and authentication information is a smart card's account number and a symmetric message Authentication Code (MAC).

64. The method for electronic commerce of claim 1, wherein said consumer identity and authentication information is a smart card's account number and a symmetric digital signature.

65. The method for electronic commerce of claim 1, wherein said consumer identity and authentication information is a consumer's digital signature and digital certificate.

66. The method for electronic commerce of claim 1, wherein said authorization token includes a dummy card number for use in routing payment to an appropriate one of a plurality of issuing banks;

said dummy card number being shared among all cardholders of a particular issuing bank.

67. The method for electronic commerce of claim 1, wherein said consumer identity and authentication information is a consumer's digital certificate and matching asymmetric digital signature.

68. The method for electronic commerce of claim 1, wherein said consumer identity and authentication information is a user account number and a symmetric MAC or asymmetric digital signature.

69. The method for electronic commerce of claim 1, wherein said consumer identity and authentication information is a user account number and an asymmetric digital signature.

70. The method for electronic commerce of claim 1, wherein said consumer identity information is a consumer's biometric signal.

71. The method for electronic commerce of claim 1, which further comprises:

a digital certificate hierarchy that covers issuing banks, acquiring banks, and merchants.

72. The method for electronic commerce of claim 71, wherein said certificate hierarchy is used with public-key digital signatures to identify said merchant and said issuing bank.

73. The method for electronic commerce of claim 72, wherein said certificates represent common financial agreements and obligations among said merchant and said issuing bank.

74. The method for electronic commerce of claim 73, wherein the issuing bank certificates identify and help authenticate issuing banks to merchants, providing a basis for the merchants to trust the authorization tokens provided by the issuing banks.

75. The method for electronic commerce of claim 74, wherein an acquiring bank certificate and a merchant certificate identify and help authenticate said acquiring bank and said merchant to issuing banks;

said merchant certificate identifying the merchant to the consumer and verifying that the merchant is a valid participant of a payment scheme, before the issuing bank provides said authorization token.

76. A method of providing at least a part of a four party payment service, the part of the service being provided in accordance with a gateway associated with an issuing bank, the method comprising the steps of:

receiving at the gateway, from a computer of a consumer, information associated with the consumer computer and a merchant message from a computer of a merchant with which the consumer is engaging in a transaction, the merchant message comprising a wallet initiation message comprising a payment amount, an order description, a merchant identifier and a timestamp;

receiving at the gateway, from the issuing bank, a reference number, the reference number having been created by the issuing bank and representing a credit card number or a debit card number of the consumer, the issuing bank maintaining a table of credit card numbers or debit card numbers and corresponding reference numbers wherein the consumer's card number is paired with the reference number;

verifying at the gateway an account of the consumer and ensuring that at least one of funds and credit support the payment amount; and

authorizing payment by sending an authorization token, the authorization token comprising the payment amount, the order description, the merchant identifier, the timestamp, and the reference number, wherein the merchant's computer receives the authorization token initiates fulfillment of the order description, and sends a capture request message comprising the reference number, to an acqirer bank;

wherein the acquirer bank captures the transaction and disburses payment to the merchant; and further

wherein the issuing bank, in response to a message from the acquirer bank, converts the reference number into the consumer's credit or debit care number and applies the payment amount to a balance in the account of the consumer.

77. The method of claim 76, wherein the gateway associated with the issuing bank sends the authorization token to the merchant computer via the consumer computer.

78. The method of claim 76, wherein the gateway associated with the issuing bank sends the authorization token directly to the merchant computer.

79. The method of claim 76, further comprising the step of the gateway associated with the issuing bank signing the authorization token.

80. A method of providing at least a part of a four party payment service, the part of the service being provided in accordance with a computer of a merchant, the method comprising the steps of:

sending a message from the merchant computer to a computer of a consumer with which the merchant computer is engaging in a transaction, the merchant message comprising a wallet initiation message, the wallet initiation message comprising a payment amount, an order description, a merchant identifier and a timestamp, wherein the merchant message is sent to a gateway associated with an issuing bank, via the consumer computer, along with information associated with the consumer computer;

receiving at the merchant computer an authorization token sent by the gateway after the gateway has verified an account of the consumer and ensured that at least one of funds and credit support the payment amount, the authorization token comprising the payment ampunt, the order description, the merchant identifier, the timestamp, and a reference number, the reference number having been created by the issuing bank and representing a credit card number or a debit card number and corresponding reference numbers wherein the consumer's card number is paired with the reference number;

initiating fulfillment of the order description at the merchant computer; and

sending from the merchant computer to an acquirer bank, a capture request message comprising the reference number,

wherein the acquirer bank captures the transaction and disburses payment to the merchant; and further

wherein the issuing bank, in response to a message from the acquirer bank, converts the reference number into the consumer's credit or debit card number and applies the payment amount to a balance in the account of the consumer.

81. A method of operating a four party payment protocol in accordance with a gateway associated with an issuing bank, the method comprising the steps of:

receiving at the gateway, from a computer of a consumer, information associated with the consumer computer and a merchant message from a computer of a merchant with which the consumer is engaging in a transaction, the merchant message comprising a wallet initiation message comprising a payment amount, an order description, a merchant identifier and a timestamp;

receiving at the gateway, from the issuing bank, a reference number, the reference number having been created by the issuing bank representing a credit card number or a debit card number of the consumer, the issuing bank maintaining a mapping of credit card numbers or debit card numbers and corresponding reference numbers wherein the consumer's card number is paired with the reference number;

verifying at the gateway an account of the consumer and ensuring that at least one of funds and credit support the payment amount; and

authorizing payment by sending an authorization token, the authorization token comprising the payment amount, the order description, the merchant identifier, the timestamp, and the reference number, wherein the merchant's computer receives the authorization token initiates fulfillment of the order description, and sends a capture request message comprising the reference number, to an acquirer bank;

wherein the acquirer bank captures the transaction and disburses payment to the merchant; and further

wherein the issuing bank, in response to a message from the acquirer bank, converts the reference number into the consumer's credit or debit card number and applies the payment amount to a balance in the account of the consumer.

82. The method of claim 81, wherein the gateway associated with the issuing bank sends the authorization token to the merchant computer via the consumer computer.

83. The method of claim 81, wherein the gateway associated with the issuing bank sends the authorization token directly to the merchant computer.

84. The method of claim 81, further comprising the step of the gateway associated with the issuing bank signing the authorization token.

85. A method of operating a four party payment protocol in accordance with a computer of a merchant, the method comprising the steps of:

sending a message from the merchant computer to a computer of a consumer with which the merchant computer is engaging in a transaction, the merchant message comprising a wallet initiation message, the wallet initiation message comprising a payment amount, an order description, a merchant identifier and a timestamp, wherein the merchant message is sent to a gateway associated with an issuing bank, via the consumer computer, along with information associated with the consumer computer;

receiving at the merchant computer an authorization token sent by the gateway after the gateway has verified an account of the consumer and ensured that at least one of funds and credit support the payment amount, the authorization token comprising the payment ampunt, the order description, the merchant identifier, the timestamp, and a reference number, the reference number having been created by the issuing bank and representing a credit card number or a debit card number and corresponding reference numbers wherein the consumer's card number is paired with the reference number;

initiating fulfillment of the order description at the merchant computer; and

sending from the merchant computer to an acquirer bank, a capture request message comprising the reference number,

wherein the acquirer bank captures the transaction and disburses payment to the merchant; and further

wherein the issuing bank, in response to a message from the acquirer bank, converts the reference number into the consumer's credit or debit card number and applies the payment amount to a balance in the account of the consumer.