Method and apparatus for billing for transactions conducted over the internet

Assignee

• AT&T CORP. · US

Inventors

• Paul D. Bartoli · Red Bank, US
• Stephen J. Griesmer · Westfield, US
• Gideon Lidor · East Brunswick Township, US
• Yzhak Ronen · Plainsboro, US
• Jean Tessier · Coppell, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06Q40/00
• WIPO fieldIT methods for management
• WIPO sectorElectrical engineering

Abstract

A method and apparatus for authenticating transactions accomplished over a data network utilizes a "cookie" containing both static information (user-identifying information) and dynamic information (transaction-based information). The transaction-oriented dynamic information portion comprises a random number and a sequence number, the latter tracking the number of billing transactions conducted by the user associated with the account number. The cookie, sent to the user's cookie file upon a previous transaction, is valid for only a single new transaction. A billing server, upon receiving the cookie containing the static and dynamic information portions, identifies the user from the account number in the static portion and accesses from an associated database the expected random number and sequence number that the billing server last sent to that user in the transaction-oriented dynamic portion. If the expected dynamic portion matches the received dynamic portion, the user is authenticated to proceed with the current transaction.