We Claim:
1. A payment network server for secure e-commerce, the payment network server
comprising at least a computer processor and a data storage device, the data storage
5 device comprising instructions operative by the computer processor to:
receive, from an issuer server associated with an issuer application, a
request for a payment token, the request comprising a payment amount and a
transaction time from an e-commerce site of a merchant and a customer identifier
verified by the issuer application;
10 generate a payment token comprising the payment amount, the transaction
time and a tokenized personal account number (PAN) associated with the
customer identifier, the payment token being generated in an encrypted form;
transmit the payment token to the issuer application for uploading into the
e-commerce site;
15 receive, from the e-commerce site, a payment transaction request
comprising the payment token and the merchant identifier;
decrypt the payment token back into the payment amount, the transaction
time and the tokenized personal account number (PAN);
map the tokenized personal account number (PAN) to a customer personal
20 account number (PAN); and
transmit the payment amount, the transaction time, the customer personal
account number (PAN) and the merchant identifier to the issuer server for validation
and authorisation of the payment transaction request.
25 2. The payment network server according to claim 1 wherein the payment token
further comprises the merchant identifier from the e-commerce site of the merchant,
which is received as part of the request for the payment token.
3. The payment network server according to either preceding claim wherein the e30 commerce site is in the form of a website.
4. The payment network server according to claim 1 or 2 wherein the e-commerce site
is in the form of an application (App).
19
5. The payment network server according to any preceding claim further configured
to query a customer database to obtain the tokenized personal account number (PAN)
associated with the customer identifier and/or to map the tokenized personal account
number (PAN) to the customer personal account number (PAN).
5
6. The payment network server according to any preceding claim configured to
transmit the payment token directly to the issuer application.
7. The payment network server according to any preceding claim configured to
10 transmit the payment token to the issuer application via the issuer server.
8. A computerised network for secure e-commerce comprising:
a) a payment network server according to any preceding claim; and
b) an issuer server comprising at least an issuer computer processor and an issuer
15 data storage device, the issuer data storage device comprising instructions
operative by the issuer computer processor to:
receive, from the issuer application, the request for the payment
token;
store, in a payment token database, the payment amount and the
20 transaction time comprised in the request;
transmit to the payment network server the request for the payment
token;
receive, from the payment network server, the payment token;
transmit the payment token to the issuer application for uploading
25 into the e-commerce site;
receive, from the payment network server, the payment amount,
the transaction time, the customer personal account number (PAN) and the
merchant identifier;
validate the payment amount and the transaction time received
30 from the payment network server by comparison with the payment amount and
the transaction time stored in the payment token database; and
authorise the payment transaction request if the payment amount and the
transaction time received from the payment network server match the payment
amount and the transaction time stored in the payment token database.
20
9. A computer-implemented method for secure e-commerce comprising:
receiving, from an issuer server associated with an issuer application, a
request for a payment token, the request comprising a payment amount and a
transaction time from an e-commerce site of a merchant and a customer identifier
5 verified by the issuer application;
generating a payment token comprising the payment amount, the
transaction time and a tokenized personal account number (PAN) associated with
the customer identifier, the payment token being generated in an encrypted form;
transmitting the payment token to the issuer application for uploading into
10 the e-commerce site;
receiving, from the e-commerce site, a payment transaction request
comprising the payment token and the merchant identifier;
decrypting the payment token back into the payment amount, the
transaction time and the tokenized personal account number (PAN);
15 mapping the tokenized personal account number (PAN) to a customer
personal account number (PAN); and
transmitting the payment amount, the transaction time, the customer
personal account number (PAN) and the merchant identifier to the issuer server
for validation and authorisation of the payment transaction request.
20
10. A non-transitory computer-readable medium having stored thereon program
instructions for causing at least one processor to perform the method according to

We Claim:
1. A payment network server for secure e-commerce, the payment network server
comprising at least a computer processor and a data storage device, the data storage
5 device comprising instructions operative by the computer processor to:
receive, from an issuer server associated with an issuer application, a
request for a payment token, the request comprising a payment amount and a
transaction time from an e-commerce site of a merchant and a customer identifier
verified by the issuer application;
10 generate a payment token comprising the payment amount, the transaction
time and a tokenized personal account number (PAN) associated with the
customer identifier, the payment token being generated in an encrypted form;
transmit the payment token to the issuer application for uploading into the
e-commerce site;
15 receive, from the e-commerce site, a payment transaction request
comprising the payment token and the merchant identifier;
decrypt the payment token back into the payment amount, the transaction
time and the tokenized personal account number (PAN);
map the tokenized personal account number (PAN) to a customer personal
20 account number (PAN); and
transmit the payment amount, the transaction time, the customer personal
account number (PAN) and the merchant identifier to the issuer server for validation
and authorisation of the payment transaction request.
25 2. The payment network server according to claim 1 wherein the payment token
further comprises the merchant identifier from the e-commerce site of the merchant,
which is received as part of the request for the payment token.
3. The payment network server according to either preceding claim wherein the e30 commerce site is in the form of a website.
4. The payment network server according to claim 1 or 2 wherein the e-commerce site
is in the form of an application (App).
19
5. The payment network server according to any preceding claim further configured
to query a customer database to obtain the tokenized personal account number (PAN)
associated with the customer identifier and/or to map the tokenized personal account
number (PAN) to the customer personal account number (PAN).
5
6. The payment network server according to any preceding claim configured to
transmit the payment token directly to the issuer application.
7. The payment network server according to any preceding claim configured to
10 transmit the payment token to the issuer application via the issuer server.
8. A computerised network for secure e-commerce comprising:
a) a payment network server according to any preceding claim; and
b) an issuer server comprising at least an issuer computer processor and an issuer
15 data storage device, the issuer data storage device comprising instructions
operative by the issuer computer processor to:
receive, from the issuer application, the request for the payment
token;
store, in a payment token database, the payment amount and the
20 transaction time comprised in the request;
transmit to the payment network server the request for the payment
token;
receive, from the payment network server, the payment token;
transmit the payment token to the issuer application for uploading
25 into the e-commerce site;
receive, from the payment network server, the payment amount,
the transaction time, the customer personal account number (PAN) and the
merchant identifier;
validate the payment amount and the transaction time received
30 from the payment network server by comparison with the payment amount and
the transaction time stored in the payment token database; and
authorise the payment transaction request if the payment amount and the
transaction time received from the payment network server match the payment
amount and the transaction time stored in the payment token database.
20
9. A computer-implemented method for secure e-commerce comprising:
receiving, from an issuer server associated with an issuer application, a
request for a payment token, the request comprising a payment amount and a
transaction time from an e-commerce site of a merchant and a customer identifier
5 verified by the issuer application;
generating a payment token comprising the payment amount, the
transaction time and a tokenized personal account number (PAN) associated with
the customer identifier, the payment token being generated in an encrypted form;
transmitting the payment token to the issuer application for uploading into
10 the e-commerce site;
receiving, from the e-commerce site, a payment transaction request
comprising the payment token and the merchant identifier;
decrypting the payment token back into the payment amount, the
transaction time and the tokenized personal account number (PAN);
15 mapping the tokenized personal account number (PAN) to a customer
personal account number (PAN); and
transmitting the payment amount, the transaction time, the customer
personal account number (PAN) and the merchant identifier to the issuer server
for validation and authorisation of the payment transaction request.
20
10. A non-transitory computer-readable medium having stored thereon program
instructions for causing at least one processor to perform the method according to claim 9We Claim:
1. A payment network server for secure e-commerce, the payment network server
comprising at least a computer processor and a data storage device, the data storage
5 device comprising instructions operative by the computer processor to:
receive, from an issuer server associated with an issuer application, a
request for a payment token, the request comprising a payment amount and a
transaction time from an e-commerce site of a merchant and a customer identifier
verified by the issuer application;
10 generate a payment token comprising the payment amount, the transaction
time and a tokenized personal account number (PAN) associated with the
customer identifier, the payment token being generated in an encrypted form;
transmit the payment token to the issuer application for uploading into the
e-commerce site;
15 receive, from the e-commerce site, a payment transaction request
comprising the payment token and the merchant identifier;
decrypt the payment token back into the payment amount, the transaction
time and the tokenized personal account number (PAN);
map the tokenized personal account number (PAN) to a customer personal
20 account number (PAN); and
transmit the payment amount, the transaction time, the customer personal
account number (PAN) and the merchant identifier to the issuer server for validation
and authorisation of the payment transaction request.
25 2. The payment network server according to claim 1 wherein the payment token
further comprises the merchant identifier from the e-commerce site of the merchant,
which is received as part of the request for the payment token.
3. The payment network server according to either preceding claim wherein the e30 commerce site is in the form of a website.
4. The payment network server according to claim 1 or 2 wherein the e-commerce site
is in the form of an application (App).
19
5. The payment network server according to any preceding claim further configured
to query a customer database to obtain the tokenized personal account number (PAN)
associated with the customer identifier and/or to map the tokenized personal account
number (PAN) to the customer personal account number (PAN).
5
6. The payment network server according to any preceding claim configured to
transmit the payment token directly to the issuer application.
7. The payment network server according to any preceding claim configured to
10 transmit the payment token to the issuer application via the issuer server.
8. A computerised network for secure e-commerce comprising:
a) a payment network server according to any preceding claim; and
b) an issuer server comprising at least an issuer computer processor and an issuer
15 data storage device, the issuer data storage device comprising instructions
operative by the issuer computer processor to:
receive, from the issuer application, the request for the payment
token;
store, in a payment token database, the payment amount and the
20 transaction time comprised in the request;
transmit to the payment network server the request for the payment
token;
receive, from the payment network server, the payment token;
transmit the payment token to the issuer application for uploading
25 into the e-commerce site;
receive, from the payment network server, the payment amount,
the transaction time, the customer personal account number (PAN) and the
merchant identifier;
validate the payment amount and the transaction time received
30 from the payment network server by comparison with the payment amount and
the transaction time stored in the payment token database; and
authorise the payment transaction request if the payment amount and the
transaction time received from the payment network server match the payment
amount and the transaction time stored in the payment token database.
20
9. A computer-implemented method for secure e-commerce comprising:
receiving, from an issuer server associated with an issuer application, a
request for a payment token, the request comprising a payment amount and a
transaction time from an e-commerce site of a merchant and a customer identifier
5 verified by the issuer application;
generating a payment token comprising the payment amount, the
transaction time and a tokenized personal account number (PAN) associated with
the customer identifier, the payment token being generated in an encrypted form;
transmitting the payment token to the issuer application for uploading into
10 the e-commerce site;
receiving, from the e-commerce site, a payment transaction request
comprising the payment token and the merchant identifier;
decrypting the payment token back into the payment amount, the
transaction time and the tokenized personal account number (PAN);
15 mapping the tokenized personal account number (PAN) to a customer
personal account number (PAN); and
transmitting the payment amount, the transaction time, the customer
personal account number (PAN) and the merchant identifier to the issuer server
for validation and authorisation of the payment transaction request.
20
10. A non-transitory computer-readable medium having stored thereon program
instructions for causing at least one processor to perform the method according to claim 9