US 11,669,816 B2
Payment system
Peter Winfield-Chislett, London (GB); Westley Stringfellow, London (GB); Itamar Lesuisse, London (GB); Veronica Casabonne, London (GB); and Raymond Tamblyn, London (GB)
Assigned to VISA EUROPE LIMITED, London (GB)
Filed by Visa Europe Limited, London (GB)
Filed on Nov. 18, 2019, as Appl. No. 16/687,128.
Application 16/687,128 is a continuation of application No. 13/178,431, abandoned, previously published as PCT/EP2010/050158, filed on Jan. 8, 2010.
Application 13/178,431 is a continuation of application No. 12/416,902, filed on Apr. 1, 2009, granted, now 8,688,574, issued on Apr. 1, 2014.
Claims priority of application No. 0900223 (GB), filed on Jan. 8, 2009.
Prior Publication US 2020/0226564 A1, Jul. 16, 2020
Int. Cl. G06Q 30/0601 (2023.01); H04L 67/63 (2022.01); H04L 9/32 (2006.01); G06Q 20/12 (2012.01); G06Q 20/02 (2012.01); G06Q 20/40 (2012.01); G06Q 20/22 (2012.01); G06F 21/31 (2013.01)
CPC G06Q 20/12 (2013.01) [G06F 21/31 (2013.01); G06Q 20/02 (2013.01); G06Q 20/227 (2013.01); G06Q 20/40 (2013.01); G06Q 30/0601 (2013.01); H04L 9/321 (2013.01); H04L 67/63 (2022.05)] 14 Claims
OG exemplary drawing
 
1. A method comprising:
receiving, by an issuing bank server in a payment transaction, a redirected web page from a browser of a user system used by a user, the redirected web page coming from a URL of the web page from a trusted intermediary application, which receives a bank identifier from the browser accessing an online merchant web server, retrieves the URL of the web page using the bank identifier, and transmits the URL of the web page to the browser;
receiving, by the issuing bank server from the user system, sign in details of the user from the user system via the redirected web page;
activating, by the issuing bank server, a self-expiring token;
transmitting, by the issuing bank server, the self-expiring token to the user system along with an instruction to re-direct an iFrame associated with the browser to the trusted intermediary application, and a request to the trusted intermediary application for a list of accounts associated with the user, thereby
redirecting the iFrame associated with the browser to the trusted intermediary application;
receiving, by the issuing bank server, the self-expiring token, and the request for the list of accounts associated with the user from the trusted intermediary application in an API call from the trusted intermediary application to the issuing bank server;
transmitting, by the issuing bank server, the list of accounts associated with the user to the trusted intermediary application, the trusted intermediary application generating an account selection page with the list of accounts and providing the account selection page to the user system;
receiving, by the issuing bank server from the trusted intermediary application, a selection of an account in the list of accounts obtained from the user system, and the self-expiring token;
providing a credential to the trusted intermediary application after receiving the selected account, wherein the trusted intermediary application provides the credential to a merchant internet payment service provider computer, which generates an authorization request message comprising the credential and transmits the authorization request message to the issuing bank server for authorization,
receiving, by a web server and servlet engine associated with the trusted intermediary application, a notification of successful authorization of the authorization request message;
transmitting, by the web server and servlet engine associated with the trusted intermediary application, a return merchant URL with the notification of successful authorization to the iFrame; and
responsive to receiving the return merchant URL, emptying the iFrame, and reloading the iFrame with Javascript code to return the user to the online merchant web server.