US-12620010-B2 - Secure referral transfer service

Abstract

A secure referral transfer includes receiving an offer for a connection agreement from a source, with the connection agreement defining data objects to be shared in transactions between the source and a target; receiving an acceptance of the offered connection agreement from the target; facilitating a connection between the source and the target based on the accepted connection agreement; and connecting a channel endpoint for the source and a channel endpoint for the target to facilitate a transaction. The secure referral transfer may be implemented without a direct integration of the infrastructure of the source and the target.

Inventors

• John Cofano
• David Boliek
• Phillip Dellinger

Assignees

• GOODWELL TECHNOLOGIES, INC.

Dates

Publication Date

20260505

Application Date

20210513

Claims (9)

1. 1 . A non-transitory computer-readable medium storing computer-executable components of a switchboard platform thereon, the computer-executable components comprising: a maintenance component configured to create and maintain definitions for agreements, referrals, and transactions; and management components configured to: translate protocols, data formats, and security parameters, detect a connection, and manage requests to create or update data objects linked to a transfer of extensible data objects, wherein, upon execution, the computer-executable components cause one or more processors to facilitate a secure referral transaction between respective internet-based transactional infrastructures of a source website and a target website by performing operations comprising: receiving, by at least one of the management components, a channel session linked to an internet-connected channel endpoint for the source website in accordance with a connection agreement; creating, by at least one of the management components, a transfer object to transfer extensible data objects, in accordance with the connection agreement, for the target website; transferring, by at least one of the management components, the transfer object to an internet-connected channel endpoint for the target website; receiving, by at least one of the management components, a validation call from the internet-connected channel endpoint for the target website for the transfer to the target website, wherein the validation call is sent from the internet-connected channel endpoint for the target website upon decryption and inspection of the transfer object; and establishing, by at least one of the management components, the secure referral transaction, in which access to various data elements is restricted to at least one of the source website or the target website as specified in at least one of the transferred extensible objects, by granting access from the source website to the internet-connected channel endpoint for the target website, as a secure channel session for the secure transaction, when the transfer for the target website is validated, wherein the connection agreement is an extensible data object manifested upon agreement by the source website and the target website, to securely connect the internet-connected channel endpoint for the source website and the internet-connected channel endpoint for the target website and prevents exposure of transactional infrastructure to the other of the source website and the target website.
2. 2 . The non-transitory computer-readable medium of claim 1 , wherein the channel endpoint for the source is defined in a source channel agreement, and wherein the channel endpoint for the target is defined in a target channel agreement.
3. 3 . The non-transitory computer-readable medium of claim 1 , wherein the transfer object includes a transfer token.
4. 4 . The non-transitory computer-readable medium of claim 3 , wherein the operations further comprise: receiving the transfer token back from the target; and transmitting a validation message to the target.
5. 5 . The non-transitory computer-readable medium of claim 1 , wherein the transfer object indicates that a user has been authenticated at the source.
6. 6 . The non-transitory computer-readable medium of claim 1 , wherein the computer-readable medium is stored on a cloud-based authentication server.
7. 7 . The non-transitory computer-readable medium of claim 1 , wherein the target is a target commerce site that is restricted to authenticated users.
8. 8 . The non-transitory computer-readable medium of claim 1 , wherein a transaction is completed at the target.
9. 9 . The non-transitory computer-readable medium of claim 1 , wherein the transfer object is encrypted.

Description

TECHNICAL FIELD The embodiments described and recited herein pertain generally to connecting a user authenticated at a Source to a Supplier, without requiring an additional layer of authentication. BACKGROUND Referral-based transactions, via the Internet, are increasing in volume. By such transactions, a target, i.e., receiver or supplier, is to provide a product or service to a customer based on the referral of a source. Benefits from such transactions include an increased likelihood of an actual transaction, as opposed to the absence of a referral. Typically, referral-based transactions may transact in one of the following three scenarios: (1) the source provides a code (“Promo Code”) to the customer that, when entered into the target ecommerce website, is read by a series of matching discount codes stored in the ecommerce infrastructure to provide a discount or other benefit to the customer; (2) the source develops a co-branded website with a target so that all associated transactions are considered “referrals” by the target; and (3) the source facilitates a custom integration of part of its product delivery process with one or more targets, thereby allowing a referral transaction as part of the customer buying a product from the source, e.g., online transactions with customers buying a home appliance product to associated warranty or insurance services. However, promo codes are often sent onward by receiving customers to code aggregation websites, which then make the codes available to a wider range of consumers, most of whom are not the intended customer base for either the source or the target. As a result, target margin may decrease and a “customer-only” impact for the source's customers may be diminished; co-branded target websites typically provide access only for the select customers, but may be viewed by all customers and competitors, are expensive to produce and/or maintain and require direct integration with authentication information; and direct integration of target offerings on a source website or other transaction infrastructure typically requires more expense for trained technology experts to implement the integration, and also typically requires integration of authentication information. SUMMARY Described and recited herein is a secure referral transfer service implemented by at least two web-based server components, along with associated web or other transactional infrastructure housed in or alongside the source's and target's websites or transactional infrastructure. The combination of the web-based components, integrated into the source's and target's websites or transactional infrastructures, enables the customer to be permitted access to unique features of the target's products and services without a direct integration of the two parties' transactional infrastructures or issuance of unique usernames and/or passwords or other unique identification of the consumer. In accordance with at least one embodiment, a secure referral transfer method includes receiving an offer for a connection agreement from a source, with the connection agreement defining data objects to be shared in transactions between the source and a target; receiving an acceptance of the offered connection agreement from the target; facilitating a connection between the source and the target based on the accepted connection agreement; and connecting a channel endpoint for the source and a channel endpoint for the target to facilitate a transaction. The method may be implemented without a direct integration of the infrastructure of the source and the target. In accordance with at least one other embodiment, a computer-readable medium stores computer-executable instructions thereon that, upon execution, cause one or more processors to facilitate a transaction by performing operations that include receiving a channel session linked to a channel endpoint for a source in accordance with a connection agreement; creating a transfer object to transfer extensible data objects, in accordance with the connection agreement, to a target; transferring the transfer object to a channel endpoint for a target; and validating the transfer for the target. In accordance with at least one more embodiment, a system for conducting authenticated commerce. The system includes an authenticating server, a retailer website, and a vendor website. Operations performed by and within the system include the retailer website that receives a user selection of a product for purchase and encrypts a request that includes a string that indicates whether the user is authenticated on the retailer website and an identifier of a webpage for the selected product on a vendor website. The system also includes an authenticating server that decrypts the encrypted request; forms a comprehensive request by concatenating, to the decrypted request, objects that include a transfer identifier indicating that the user is authenticated on the retailer website; encrypts the com