| CPC G06Q 20/382 (2013.01) [G06Q 20/385 (2013.01); G06Q 20/405 (2013.01)] | 18 Claims |
|
1. A method that utilizes Simple Mail Transfer Protocol (SMTP) to improve security of an e-commerce computer system, the method comprising:
receiving, by the e-commerce computer system, a request for a transaction from a third party, wherein the transaction enables a particular registered user to access a secure webpage hosted by the third party;
in response to receiving the request:
generating, by the e-commerce computer system, a short lookup token for the transaction, wherein the short lookup token identifies the particular registered user and is unique to the transaction, and
configuring, by the e-commerce computer system, a transaction email address to contain the short lookup token in a local part of the transaction email address, wherein the e-commerce computer system receives email via the transaction email address;
receiving, by the e-commerce computer system, a response email from a sender via SMTP, wherein the response email is addressed to the transaction email address;
ascertaining, by the e-commerce computer system, the particular registered user based on the short lookup token contained in the local part of the transaction email address;
authenticating, by the e-commerce computer system, the response email by determining that the response email was received from the particular registered user based on an email address of the sender of the response email; and
on a condition that the response email is successfully authenticated:
determining, by the e-commerce computer system, a long token associated with the short lookup token, wherein the long token includes additional information about the transaction not included in the short lookup token,
processing, by the e-commerce computer system, the transaction utilizing the additional information included in the long token; and
logging, by the e-commerce computer system, the particular registered user on to the secure webpage based on the processing, wherein the particular registered user is logged onto to the secure webpage by transmitting a notification to a browser of the particular registered user.
|