AU2002100568A4 - Secondary security measure for transaction cards - Google Patents

Secondary security measure for transaction cards Download PDF

Info

Publication number
AU2002100568A4
AU2002100568A4 AU2002100568A AU2002100568A AU2002100568A4 AU 2002100568 A4 AU2002100568 A4 AU 2002100568A4 AU 2002100568 A AU2002100568 A AU 2002100568A AU 2002100568 A AU2002100568 A AU 2002100568A AU 2002100568 A4 AU2002100568 A4 AU 2002100568A4
Authority
AU
Australia
Prior art keywords
transaction
card
security code
cardholder
signature
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
AU2002100568A
Other versions
AU2002100568A8 (en
Inventor
Pamela Robin Cummins
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to AU2002100568A priority Critical patent/AU2002100568A4/en
Application granted granted Critical
Publication of AU2002100568A4 publication Critical patent/AU2002100568A4/en
Publication of AU2002100568A8 publication Critical patent/AU2002100568A8/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Description

AUSTRALIA
Patents Act 1990 COMPLETE SPECIFICATION INNOVATION PATENT Secondary Security Measure for Transaction Cards BACKGROUND OF THE INVENTION 1. Field of the Invention The following invention relates to transaction cards such as credit cards, debit cards, ATM (Automatic Teller Machine) cards and other cards that might be used over the counter and/or with machines or other devices such as card readers to transact funds.
2. State of the Art Transaction cards require entry of a PIN (Personal Identification Number), or other security code as a security measure to initiate a transaction at ATMs or when making a purchase where one slides his or her own card through a card reader associated with a key pad such as in supermarkets or other stores, for example. Such a PIN or other security code might be termed a "primary PIN" or "primary security code".
Where a credit card is used to purchase goods for example, only a signature is required for verification. A PIN or other security code is not required for this type of transaction. Therefore any person capable of forging a signature appearing on a stolen card can use the card to make a purchase.
It is the object of the present invention to provide a transaction system and method to overcome or substantially ameliorate at least one of the above disadvantages and/or more generally to provide additional security for transaction cards.
SUMMARY OF THE INVENTION In one form of the invention, there is disclosed a transaction authorisation method using a transaction card encoded to identify an account or accounts with which the transaction card is associated, the card having a specimen signature thereon, the method including the step of requiring verification of both the cardholder's signature against the specimen signature and entry of a security code by the cardholder to authorise the transaction.
Preferably, the security code is a personal identification number associated with the account.
In one preferred form of the invention, the security code is a secondary security code derived from the cardholder's mother or father.
In a further form of the invention, there is provided a transaction authorisation method using a transaction card encoded to identify an account or accounts with which the transaction card is associated, including the step of requiring entry of both primary security code and a secondary security code said secondary security code being derived from the date of birth of a cardholder's mother or father.
Typically, only the day and month of the date of birth of the cardholder's mother or father need be entered.
The cardholder's mother or father's date of birth data might be held in a database, having been placed there upon opening of the account with which the card is associated. Other information held in the database might include the cardholder's mother's maiden name for example.
The primary security code is required when a transaction is being made with a machine such as an ATM or supermarket or other store card reader. When making a transaction with a credit card over the counter the primary security measure might instead use a signature verification. In such transactions, the secondary security code is required to complete a transaction.
There is further disclosed herein a transaction system using a transaction card encoded to identify an account or accounts with which the transaction card is associated, the card having a signature thereon and the system incorporating secondary encoding derived from the date of birth of the cardholder, the system requiring signature verification and verification of the secondary encoding to complete a transaction.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Known transaction cards are encoded with a magnetic strip to identify the account or accounts with which the card is associated. Information is held in a computer database and usually includes a PIN code. Entry of this code is required to commence a transaction when using the card at an ATM or when using "EFTPOS" (Electronic Funds Transfer Point of Sale) facilities at supermarkets or other stores for example. If the card is stolen and the PIN is known by thethief, the card can readily be used.
However, where a transaction at an EFTPOS terminal is entered as a credit transaction, the EFTPOS terminal checks the transaction amount against the available balance and, if approved, an authorisation slip is printed for signature by the cardholder and verification against the specimen signature on the card before the transaction is completed.
In one preferred form of the invention, it is proposed to strengthen security of the credit card transactions by requiring both signature verification and entry of the PIN code for authorisation of a credit transaction at an EFTPOS terminal. Thus, it is proposed that the EFTPOS card reader will require correct entry of the PIN for the credit or other transaction card before printing the authorisation slip for signature. If the signature is then verified, the transaction is then completed. Alternatively, the system may print the authorisation slip for signature and verification, and after signature verification, require entry of a PIN to complete the transaction.
In this way, additional protection is provided against transaction fraud. The system may be implemented using the existing, widely distributed EFTPOS system hardware at retailers and financial institutions, requiring only software reprogramming and implementation of altered transaction procedures to achieve the benefits of the invention.
Preferably, the PIN code required for transaction completion is derived from the date of birth of the cardholder's mother or father. In this way, this encoding can readily be recalled by the legitimate cardholder and entered as a secondary security measure at an ATM or card reader or during an across the counter transaction. A thief would not necessarily know the date of birth data.
The invention preferably utilises both primary and secondary encoding in the bank's database, with the primary encoding being an ordinary PIN, but the secondary encoding being something like "03221935" to identify the date of birth of a cardholder's mother or father born on 22 March 1935. The entry of this code would be required as a secondary security measure to complete a transaction at an ATM or EFT terminal or else the relevant date of birth might simply be stated to a shop assistant who can key in the code. Without both the signature or primary code and the secondary code, the transaction will be withheld by the bank's computer software.
It should be appreciated that the secondary PIN or other security code need not be exactly as stated above but might simply be "derived" from the date of birth of the cardholder's mother or father. It might, for example, just be in relation to the month and day of the month for cardholders not willing to divulge their age at every across the counter transaction.
It should be appreciated that alterations to this system that are obvious to those skilled in the art are not to be considered as beyond the scope of the invention. For example, the secondary encoding might also include a check digit as a further security measure against unauthorised use. It will also be understood that reference to the birth date of the cardholder's mother or father includes reference to the birth date of a guardian or a step-mother or step-father.
It should further be appreciated that where people carry multiple cards and have multiple accounts, these often have different PINs and it can be difficult and confusing to remember them all. As a result, and despite requests from the financial institutions issuing the cards, it is common for people to keep written record of their various PINs in their wallet or purse. This presents a substantial risk of fraudulent use of the card if the wallet or purse is lost or stolen. In the present invention, the secondary PIN being a derivation of one of the cardholder's parents date of birth would be easy to remember by the legitimate cardholder. There would be further advantages in that there would be no need for the cardholder to write this number down on material kept with their wallet or purse as it would be readily recalled anyway.
As a preferred or optional feature, an ATM might be pre-programmed to retain the transaction card, should a user not be able to key in the secondary security code.
If the holder's purse or wallet is stolen, the transaction card would be of no use or value to a thief, even if the primary PIN is discovered. If the thief then attempted to use the card to purchase goods over the counter without the secondary PIN, the transaction could not be completed. If the thief attempted to use the card in an ATM, his lack of information as to one of the cardholder's parent's date of birth would result in cancellation of a transaction and perhaps retention of the card by the ATM.
There is further provided a method of entering the secondary PIN into the financial institution's database without human intervention on behalf of the financial institution: Contrary to current practice, all application forms for issuance of a card would be individually coded with an application number or similar.
Each application form would have a "tear-off' section, containing the same coding as the body of the form. This removable section would also contain instructions for the card applicant to set up the secondary PIN by telephoning the credit provider at a specified telephone number within a specified time period (eg. 48 hours from lodging the card application), using a touch-tone phone. The instructions would explain the nature and use of the secondary security code. The card applicant's telephone call is answered by an automated answering service which prompts the caller to enter the individual application form coding and the birth date which will form the basis for the secondary PIN. The service will then confirm this data to the caller, for example by asking for repeat entry of the data or confirming the data by voice synthesis. The automated service may optionally then confirm to the caller the secondary PIN derived from the birth data.
When the application is processed by the credit provider, the secondary PIN is correlated to the card application in the database using the application form code number, thus entering the secondary PIN into the database without intervention by staff of the credit card provider.
Alternatively, or in addition, the removable section could contain instructions for the card applicant to set up the secondary PIN via a secure internet site. The set up information and procedure could be generally similar to that for telephone setup. For added security, the internet site may also include a field requiring entry of an extra code, which preferably is the same as the user's internet service provider access password.
Where a card applicant completes an application form and lodges it personally with the credit provider, facilities may be provided to complete this secondary PIN set up procedure at that time. If the applicant mails in the application, the applicant will need access to a touch-tone phone or internet facilities to complete set up of the secondary
PIN.
The system may also require that the applicant, upon receipt of the credit or transaction card, contacts the card provider on a specified telephone number or internet address and is prompted to key in the PIN to activate the card.
As a further precaution against transaction fraud, it is preferred that a holographic or other diffractive optical variable device covers substantially the entire front surface of the transaction card. Preferably, the hologram is embossed into a transparent holographic foil which may be applied to substantially the whole front surface of the card while permitting visibility of the graphic elements of the card.
While particular embodiments of this invention have been described, it will be evident to those skilled in the art that the present invention may be embodied in other specific forms without departing from the essential characteristics thereof. The present embodiments and examples are therefore to be considered in all respects as illustrative and not restrictive, and all modifications which would be obvious to those skilled in the art are therefore intended to be embraced therein. It will further be understood that any reference herein to known prior art does not, unless the contrary indication appears, constitute an admission that such prior art is commonly known by those skilled in the art to which the invention relates.

Claims (4)

1. A transaction authorisation method using a transaction authorisation method using a transaction card encoded to identify an account or accounts with which the transaction card is associated, the card having a specimen signature thereon, the method including the step of requiring verification of both the cardholder's signature against the specimen signature and entry of a security code by the cardholder to authorise the transaction.
2. A method according to claim 1 wherein the security code is a personal identification number associated with the account.
3. A method according to claim 1 wherein the security code is a secondary security code derived from the date of birth of the cardholder's mother or father.
4. A transaction authorisation method using a transaction card encoded to identify an account or accounts with which the transaction card is associated, including the step of requiring entry of both primary security code and a secondary security code, said secondary security code being derived from the date of birth of a cardholder's mother or father. A method of entering a security code associated with a transaction account into a database of a financial institution, substantially as herein described. Dated this 17th day of July 2002 PAMELA ROBIN CUMMINS Patent Attorneys for the Applicant HALFORD CO.
AU2002100568A 2001-07-17 2002-07-17 Secondary security measure for transaction cards Ceased AU2002100568A4 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2002100568A AU2002100568A4 (en) 2001-07-17 2002-07-17 Secondary security measure for transaction cards

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
AUPR6411A AUPR641101A0 (en) 2001-07-17 2001-07-17 Secondary security measure for transaction cards
AUPR6411 2001-07-17
AU2002100568A AU2002100568A4 (en) 2001-07-17 2002-07-17 Secondary security measure for transaction cards

Publications (2)

Publication Number Publication Date
AU2002100568A4 true AU2002100568A4 (en) 2002-11-21
AU2002100568A8 AU2002100568A8 (en) 2002-11-21

Family

ID=3830372

Family Applications (2)

Application Number Title Priority Date Filing Date
AUPR6411A Abandoned AUPR641101A0 (en) 2001-07-17 2001-07-17 Secondary security measure for transaction cards
AU2002100568A Ceased AU2002100568A4 (en) 2001-07-17 2002-07-17 Secondary security measure for transaction cards

Family Applications Before (1)

Application Number Title Priority Date Filing Date
AUPR6411A Abandoned AUPR641101A0 (en) 2001-07-17 2001-07-17 Secondary security measure for transaction cards

Country Status (1)

Country Link
AU (2) AUPR641101A0 (en)

Also Published As

Publication number Publication date
AUPR641101A0 (en) 2001-08-09
AU2002100568A8 (en) 2002-11-21

Similar Documents

Publication Publication Date Title
US5365046A (en) Preventing unauthorized use of a credit card
US7748616B2 (en) Method for implementing anonymous credit card transactions using a fictitious account name
US7494056B2 (en) Retail package for prepaid debit cards and method for debit card distribution
US7347361B2 (en) System, method and program product for account transaction validation
US20070073619A1 (en) Biometric anti-fraud plastic card
US20080210754A1 (en) Account payment using barcode information exchange
US8430298B2 (en) Presentation instrument package arrangement
CA2374093A1 (en) Cardless payment system
US20060206350A1 (en) Security method and apparatus for preventing credit card fraud
EP1370999A1 (en) System for affecting orders for payment with identification by means of card data and fingerprint
US7533814B2 (en) Presentation instrument with user-created pin
US6820803B1 (en) Cash card system
US9508074B2 (en) Method for secure use of identification cards
US20030066879A1 (en) Security system and method for transaction cards
Sivakumar et al. Fraud detection in credit card transactions: classification, risks and prevention techniques
CN101501708A (en) Transaction instruments with enhanced security PIN and expiration date generation
JP2006155636A (en) Ic card settlement device
US20070278292A1 (en) Retail cash product
AU2002100568A4 (en) Secondary security measure for transaction cards
US20020033415A1 (en) Secondary security measure for transaction cards
CA2520626A1 (en) Techniques for protecting financial transactions
US20020095371A1 (en) Prepaid cash card
WO2006049585A1 (en) Payment system
US7984848B1 (en) Cash card system
WO2008029141A1 (en) A debit or credit card

Legal Events

Date Code Title Description
TH Corrigenda

Free format text: IN VOL 16, NO 41, PAGE(S) 477 UNDER THE HEADING INNOVATION PATENTS OPI - NAME INDEX UNDER THE NAME CUMMINS, P., APPLICATION NO. 2002100568, UNDER INID (45) CORRECT THE DATE TO READ 21.11.2002.

MK22 Patent ceased section 143a(d), or expired - non payment of renewal fee or expiry