EP1198782A1 - Systeme de guichet bancaire universel pouvant etre insere dans un boitier pour disquette 3-1/2 pouces - Google Patents

Systeme de guichet bancaire universel pouvant etre insere dans un boitier pour disquette 3-1/2 pouces

Info

Publication number
EP1198782A1
EP1198782A1 EP00937838A EP00937838A EP1198782A1 EP 1198782 A1 EP1198782 A1 EP 1198782A1 EP 00937838 A EP00937838 A EP 00937838A EP 00937838 A EP00937838 A EP 00937838A EP 1198782 A1 EP1198782 A1 EP 1198782A1
Authority
EP
European Patent Office
Prior art keywords
housing
smart chip
information
read head
disposed
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP00937838A
Other languages
German (de)
English (en)
Inventor
Robert Lee
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
UTM Systems Corp
Original Assignee
UTM Systems Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by UTM Systems Corp filed Critical UTM Systems Corp
Publication of EP1198782A1 publication Critical patent/EP1198782A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/0013Methods or arrangements for sensing record carriers, e.g. for reading patterns by galvanic contacts, e.g. card connectors for ISO-7816 compliant smart cards or memory cards, e.g. SD card readers
    • G06K7/0056Methods or arrangements for sensing record carriers, e.g. for reading patterns by galvanic contacts, e.g. card connectors for ISO-7816 compliant smart cards or memory cards, e.g. SD card readers housing of the card connector
    • G06K7/006Methods or arrangements for sensing record carriers, e.g. for reading patterns by galvanic contacts, e.g. card connectors for ISO-7816 compliant smart cards or memory cards, e.g. SD card readers housing of the card connector the housing being a portable casing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/0004Hybrid readers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/0013Methods or arrangements for sensing record carriers, e.g. for reading patterns by galvanic contacts, e.g. card connectors for ISO-7816 compliant smart cards or memory cards, e.g. SD card readers
    • G06K7/0021Methods or arrangements for sensing record carriers, e.g. for reading patterns by galvanic contacts, e.g. card connectors for ISO-7816 compliant smart cards or memory cards, e.g. SD card readers for reading/sensing record carriers having surface contacts
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/08Methods or arrangements for sensing record carriers, e.g. for reading patterns by means detecting the change of an electrostatic or magnetic field, e.g. by detecting change of capacitance between electrodes
    • G06K7/082Methods or arrangements for sensing record carriers, e.g. for reading patterns by means detecting the change of an electrostatic or magnetic field, e.g. by detecting change of capacitance between electrodes using inductive or magnetic sensors
    • G06K7/083Methods or arrangements for sensing record carriers, e.g. for reading patterns by means detecting the change of an electrostatic or magnetic field, e.g. by detecting change of capacitance between electrodes using inductive or magnetic sensors inductive
    • G06K7/084Methods or arrangements for sensing record carriers, e.g. for reading patterns by means detecting the change of an electrostatic or magnetic field, e.g. by detecting change of capacitance between electrodes using inductive or magnetic sensors inductive sensing magnetic material by relative movement detecting flux changes without altering its magnetised state

Definitions

  • the invention relates generally to electronic devices, and more particularly to a UTM machine that can be inserted into a computer's 3-1/2 inch disk drive.
  • Cards and debit cards have magnetic stripes that contain the cardholder's personal information; e.g., name and card account number.
  • Debit cards can be used at these locations by swiping the card through the reader and entering a personal identification number (PIN) into the reader's keypad.
  • PIN personal identification number
  • Adequate security is achieved by a secure communications connection between the reader and a remote computer/server and by the cardholder possessing a debit card that can be read by the reader and knowing the PIN associated with the card.
  • Credit cards can be used at these same locations by the cardholder signing a document for comparison by a clerk to a signature on the back of the card.
  • Adequate security is achieved by the cardholder possessing a card that appears to the clerk to be authentic and being able to produce a signature that matches the signature on the back of the card.
  • the smart chip stores a unique identification code that cannot be read but which can be used with encryption to prove the identification of the chip to a remote computer/server across a communications line.
  • encryption of this code provides a secure identification of the computer.
  • the owner of the host computer can be held responsible for its use. Entry of a PIN at a keyboard connected to the host computer may also be required. With the ability to prove which host computer placed a communication for a financial transaction and that a particular PIN was used, adequate security will be achieved for many financial transactions.
  • Each smart card would include a smart chip as described above.
  • the smart card is guarded by its owner like a key.
  • the person who possesses the smart card is presumed to be its proper owner. Entry of a PIN at a keyboard connected to the host computer to which the smart card reader is also connected can also be required.
  • an electronic device includes a 3-1/2-inch floppy-disk shaped housing with a slot, a thin magnetic read head, a disk drive communications transducer, and a processing circuit disposed within the housing.
  • the slot receives a card having a magnetic stripe that stores information, and the magnetic read head reads the information stored on the stripe.
  • the processing circuit receives the information read by the read head and provides processed information to the transducer.
  • the processing circuit includes a smart chip for performing security functions which provides a unique identification code to the transducer.
  • the smart chip is contained in a removable SIM (Subscriber Identification Module) which inserted into a SIM port within the device.
  • SIM Subscriber Identification Module
  • the smart chip may be embedded in the device.
  • a smart chip includes security circuitry that can facilitate security functions, such as authentication, encryption and decryption, digital signatures, unique identification code storage and other well known smart chip functions.
  • the smart chip provides authentication to a remote server across a network by confirming a unique identification to the remote server without revealing to the local computer or any intervening device in the communications link enough information that, if captured, can be used to imitate the smart chip.
  • Another aspect of the invention provides for direct input of user known information, such as a PIN, via a keypad on the surface of the device. This allows the PIN to be entered into the smart chip without being transmitted to the PC where it could be intercepted by unauthorized software running on the PC. Communications between the device and the user, such as prompts and process confirmations for instance, are provided via a display, such as a liquid crystal display (LCD) or an LED array, and/or audible means such as a tone or speech generator.
  • LCD liquid crystal display
  • audible means such as a tone or speech generator.
  • such a device can receive encoded information from a magnetic stripe on a card and/or user known information, such as a PIN, and it can be inserted into a host computer to communicate with the host computer via the computer's floppy-disk drive.
  • a device eliminates the need for special connections to the host computer.
  • the device can ensure the security of a credit/debit card transaction by using the secure authentication features of the smart chip and requiring a personal identification number (PIN) or other user information that identifies the cardholder.
  • the device can generate user authentication tokens for use in other types of transactions and online activities such as on-line stock trading, accessing confidential databases or generating digital signatures.
  • Figure 1 is a front view of the UTM machine.
  • FIG. 2 is a schematic block diagram of the circuitry of the card reader of Figure 1.
  • Figure 3 is a perspective view of the very thin magnetic-stripe read head according to an embodiment of the invention.
  • SIMs are well known in the electronics industry. As is the case in the present invention, SIM's often include “smart chip” circuitry that can process information and store values.
  • Smart chips are adaptable to a wide variety of devices and shapes, but they are commonly found in a "smart card" which typically has a form factor similar to a credit card.
  • the smart chip can be embedded within the device rather than inserted into a socket where it is removable.
  • each reference to smart chip should be understood as a reference to an embedded smart chip or to a removable smart chip within a SIM or within another type of carrier such as a smart card. Additional security is provided in the case of SIMs, smart cards or embedded smart chips that require entry of a PIN before the processing can be continue.
  • a PIN is synonymous with user information that is used to identify the user.
  • the user information may be a numeric sequence, such as a typical PIN, a combination of numbers and/or other symbols, or a fingerprint or other bio-metric data.
  • the unique identification code of the smart chip is registered on a remote central computer/server in association with accurate identification of the cardholder to whom the SIM or device with embedded smart chip was issued.
  • a secure PIN entered via a keypad on the UTM machine that cardholder can create a list of credit and debit cards that are authorized for use with the reader.
  • the list can be stored in secure memory in the smart chip or on the remote central computer/server.
  • the cardholder swipes a card through the reader the identifying information read from the card is transmitted from the device to a host computer then to a central computer/server where it is compared with the corresponding information on the central computer/server associated with the unique identification code stored in the smart chip. If the identifying information and code do not match, then the transaction may be disallowed for inadequate security.
  • the UTM machine in a 3-1/2-inch floppy-disk housing is portable and easily connected to or disconnected from the cardholder's computer or any other host computer. This allows the cardholder to easily guard his/her possession of the UTM machine and to permit others to use his/her computer without a security risk. Also, if the smart chip is in a removable SIM, the SIM can also be removed and stored in a secure location to provide greater security.
  • the UTM machine will be issued with a particular credit/debit card account or user access account in mind.
  • the SIM is removable, the UTM machine can be used with another combination of SIM and card.
  • a single SIM may be associated with several cards issued by different institutions through a cooperative arrangement.
  • the user enters the PIN for the debit card, and the PIN is encrypted through the use of the smart chip and transmitted to the remote computer/server, along with the encrypted unique identification code stored on the smart chip, for comparison with the PIN stored on the remote computer/server as corresponding to the identification code.
  • the smart chip may be used for other familiar smart chip functions such as storing electronic cash.
  • the cardholder who owns the UTM machine can swipe a credit/debit card and download electronic cash into the smart chip for use in transactions that are for very small amounts of money, where transaction fees or delays are unacceptable, or for use in anonymous transactions.
  • the smart chip is in a SIM, the cardholder can give the SIM, or the SIM and UTM machine to another person without providing the cardholder's credit/debit card, and that other person can then spend the electronic cash stored in the smart chip without having access to the cardholder's credit/debit card accounts.
  • FIG. 1 is a front view with of a UTM machine 10 according to an embodiment of the invention.
  • the UTM machine 10 includes a housing 12 designed to standard floppy-disk specifications sufficient to allow the UTM machine 10 to be inserted into and communicate with a conventional floppy-disk drive without damaging the drive or requiring modification of the drive.
  • the UTM machine 10 includes a slot 14 for receiving a card 16, which has a magnetic stripe 18 for storing cardholder information (e.g., bank account number or other identifying information).
  • a switch 20 functions as a power switch to activate the UTM machine prior to the card 16 being swiped through the slot 14.
  • the switch 20 may be a mechanical switch or an optical switch internal to the UTM machine that senses the presence of the card 16 in the slot 14, which then energizes the internal circuitry.
  • An encoded information read head 22 (hereinafter “read head”) reads the information encoded on the magnetic stripe 18 as the card is swiped through the slot 14 in the direction indicated 23.
  • the encoded information may be in a form other than magnetically encoded data.
  • the information may be optically encoded such as in a bar code, and the read head would be of a type capable of reading optically encoded information.
  • the UTM machine 10 includes a SIM port 27 for receiving a removable SIM 28, which is associated with an owner or a particular card or set of cards.
  • the SIM 28 also performs typical smart chip encryption and authentication.
  • a disk drive communications transducer 30 (hereinafter “transducer”) on the backside of the UTM machine 10 allows it to communicate with the read/write head (not shown) of a conventional floppy-disk drive by mimicking the electrical signals the read/write head would normally expect when communicating with a conventional floppy disk.
  • the transducer 30 may be referred to as a "communications head” for instance, or something similar, but it is intended herein to refer to any device or circuit incorporated in the UTM machine 10 that can communicate with the read/write head of a typical floppy-disk drive.
  • a conventional battery 32 supplies power to the device.
  • a display 36 may indicate battery power level, user prompts, function and status messages.
  • the UTM machine 10 has a keypad 37 used to enter PIN codes, respond to various prompts, initiate authentication, select transaction types and to launch host computer based applications once the UTM machine has been inserted in the floppy-disk drive.
  • the SIM 28 is preferably programmed for dual key (public/private) encryption such as for use with the secure electronic transactions (SET) protocol.
  • the SIM 28 may include electronic-key circuitry that is capable of securely encrypting a unique identifier and transmitting it to a remote computer/server such as with DES encryption or another encryption protocol such as RSA.
  • An alternative embodiment includes Braille symbols on the keypad and audible responses, prompts, and status messages so persons with impaired vision may use the UTM machine.
  • FIG 2 is a schematic block diagram of a processing circuit 44 for the UTM machine 10 of Figure 1.
  • magnetic- stripe read circuitry 50 includes the thin read head 22 which reads the magnetically encoded data from the magnetic stripe 18 (ref. Figure 1) and converts it into a digital signal.
  • the magnetic-stripe read circuitry is coupled to the programmable logic 49.
  • a microcontroller 48 is coupled to the SIM port 27, the display 36, the power supply and the programmable logic 49.
  • the microcontroller 48 receives the magnetic-stripe information from the programmable logic 49 and the identification code from a SIM 28 inserted in SIM port 27 and provides them after processing to the programmable logic 49 which is coupled to an electromagnetic interface circuit 52, which includes the transducer 30.
  • the floppy drive interface circuit 52 converts this information into a signal that can be read by a floppy-disk drive read/write head 41 and transmits this signal to the transducer 30.
  • the programmable logic is also coupled to the keypad circuitry 53, which includes keypad 37.
  • a conventional power supply 54 including the battery 32, supplies power to all of the processing circuitry 44 and the SIM.
  • Memory 55 is coupled to programmable logic 49, which passes information from the memory 55 to the microcontroller 48 as needed.
  • An alternative embodiment incorporates microcontroller 48, programmable logic 49 and memory 55 in an application specific integrated circuit (ASIC) 100.
  • ASIC application specific integrated circuit
  • FIG. 1 Another alternative embodiment takes advantage of the processing capabilities of SIM's to reduce the complexity of the circuitry and perform microcontroller functions in the SIM rather than having a sophisticated processing circuit built into the UTM machine.
  • a cardholder inserts the SIM 28 in the SIM port 27, activates the power switch 20 and swipes his card 16 through the slot 14.
  • the read head 22 senses the magnetically encoded information on the stripe 18 and converts this information into electrical signals.
  • the read circuitry 50 then converts these electrical signals into a digital signal that represents the stored information and provides this digital signal to the programmable logic 49.
  • the microcontroller 48 After the microcontroller 48 receives and stores the magnetic-stripe information, it causes the display 36 to indicate that the reading of the stripe 18 was successful. Alternatively, if there was a read error, the microcontroller 48 causes the display 36 to generate a prompt to indicate to the cardholder that he needs to re-swipe the card 16 through the slot 14. In addition, if the transaction requires a PIN, the cardholder is prompted to enter his PIN on the keypad 37.
  • the cardholder inserts the UTM machine into a floppy-disk drive.
  • the UTM machine provides the SIM information, the information read from the magnetic stripe 18, and PIN information if required, to a remote computer/server (not shown) via the communications circuitry 52, the disk drive read/write head 41 , and the host computer in which the disk drive is installed (not shown).
  • the host computer provides additional information (e.g., items to be purchased) regarding the transaction that the cardholder enters via a keyboard, mouse, or other means.
  • the SIM 28 encrypts the identification code and magnetic- stripe information according to conventional encryption techniques.
  • the identification code may be stored in encrypted form on the SIM 28 or the information may be stored in encrypted form on the magnetic stripe.
  • the microcontroller 48 does not alter the code or the magnetic-stripe information before sending it to the remote computer/server.
  • the UTM machine also has a time out function. Once the requisite actions have been taken, such as card swiping and PIN entry, the device will time out and clear its memory of magnetic stripe information and the PIN if it is not inserted in a computer and/or the transaction is not commanded to proceed within a pre-defined time limit. This feature adds additional security by preventing an unauthorized user from successfully using the UTM machine after the owner of the UTM machine has entered his information.
  • Figure 3 is a perspective view of the magnetic-stripe read head 22 of Figure 1 according to an embodiment of the invention.
  • the read head 22 is thin enough for placement within the floppy-disk housing 12 of Figure 1. This embodiment of the read head 22 is discussed in detail in patent application THIN MAGNETIC MEDIUM READ HEAD, U.S. Pat. App. Serial No. 9/560,842 filed April 28, 2000 and which is incorporated by reference.
  • An error free read of a magnetic stripe typically requires four to eight ounces of contact pressure between the read head and the magnetic stripe.
  • the UTM machine housing may require additional integral stiffening if it is molded of conventional plastics so that the portions of the housing forming the slot will provide sufficient pressure between the read head and the card as a card is swiped through it.
  • metallic forms may be added to stiffen the housing or provide a biasing force that aids in squeezing the read head against the card.
  • the housing can be made to allow a portion of it to subtly rotate or pivot relative to the remainder of the housing forming the slot so the read head maintains optimum contact with a bent card as the card passes by it.
  • the read head can be suspended in a carrier element that will allow it to rotate as described above.

Landscapes

  • Engineering & Computer Science (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing For Digital Recording And Reproducing (AREA)

Abstract

L'invention concerne un système de guichet bancaire universel pouvant être inséré dans un boîtier pour disquette 3-1/2 pouces. Ledit système comprend un boîtier (12) pour disquette pourvu d'une fente (14) permettant de faire glisser la carte de crédit/débit; d'une tête (22) de lecture de piste magnétique; un module (28) d'identification de l'abonné amovible comprenant un circuit (28) de puces intelligentes monté sur le point de connexion du module d'identification; d'un transducteur (30) de communication de lecteur de disque; d'un clavier (37); d'un dispositif d'affichage (36) à cristaux liquides; et d'un circuit d'exploitation placé à l'intérieur du boîtier (12). La fente (14) reçoit une carte (16) pourvue d'une piste magnétique stockant les informations et la tête (22) de lecture lit les informations stockées sur cette piste.
EP00937838A 1999-05-28 2000-05-26 Systeme de guichet bancaire universel pouvant etre insere dans un boitier pour disquette 3-1/2 pouces Withdrawn EP1198782A1 (fr)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US322669 1981-11-18
US32266999A 1999-05-28 1999-05-28
PCT/US2000/014591 WO2000073985A1 (fr) 1999-05-28 2000-05-26 Systeme de guichet bancaire universel pouvant etre insere dans un boitier pour disquette 3-1/2 pouces

Publications (1)

Publication Number Publication Date
EP1198782A1 true EP1198782A1 (fr) 2002-04-24

Family

ID=23255902

Family Applications (1)

Application Number Title Priority Date Filing Date
EP00937838A Withdrawn EP1198782A1 (fr) 1999-05-28 2000-05-26 Systeme de guichet bancaire universel pouvant etre insere dans un boitier pour disquette 3-1/2 pouces

Country Status (3)

Country Link
EP (1) EP1198782A1 (fr)
AU (1) AU5296100A (fr)
WO (1) WO2000073985A1 (fr)

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE3903454A1 (de) * 1988-12-12 1990-06-13 Raymund H Eisele In edv-einrichtungen einsteckbares element
DE4133246C1 (fr) * 1991-10-08 1993-04-08 Smartdiskette Gmbh, 6270 Idstein, De
US5663553A (en) * 1995-09-27 1997-09-02 Intel Corporation Mass storage device adapter for smart cards

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO0073985A1 *

Also Published As

Publication number Publication date
WO2000073985A1 (fr) 2000-12-07
WO2000073985A9 (fr) 2001-06-28
AU5296100A (en) 2000-12-18

Similar Documents

Publication Publication Date Title
KR102416954B1 (ko) 선불, 직불 및 신용 카드 보안 코드 생성 시스템을 위한 방법
US5475756A (en) Method of authenticating a terminal in a transaction execution system
US8151335B2 (en) Proxy authentication methods and apparatus
US8376223B2 (en) Method and apparatus for securely activating a credit card for a limited period of time
US6983882B2 (en) Personal biometric authentication and authorization device
US5036461A (en) Two-way authentication system between user's smart card and issuer-specific plug-in application modules in multi-issued transaction device
US4961142A (en) Multi-issuer transaction device with individual identification verification plug-in application modules for each issuer
US4357529A (en) Multilevel security apparatus and method
US7690580B2 (en) Transaction cards having dynamically reconfigurable data interface and methods for using same
US7837121B2 (en) Secure credit card adapter
CN1344396B (zh) 便携式电子的付费与授权装置及其方法
EP2038227B1 (fr) Système et procédé pour activer un instrument de paiement par téléphone
CN1307594C (zh) 付款方法
US4304990A (en) Multilevel security apparatus and method
GB2261538A (en) Transaction authentication system
US20200090161A1 (en) Payment devices using optical codes
EP2580722A1 (fr) Procédé et appareil permettant l'activation sécurisée d'une carte de crédit pendant une période de temps limitée
EP1198782A1 (fr) Systeme de guichet bancaire universel pouvant etre insere dans un boitier pour disquette 3-1/2 pouces
US20150100444A1 (en) Portable device for financial transactions
Read EFTPOS: electronic funds transfer at point of sale
KR20030052766A (ko) 금융단말기의 사용자 인증 방법
JP2002208071A (ja) カード処理システム
Mackinnon et al. Smart cards: A case study
KR20050034266A (ko) 2차원 바코드 형태의 지문 정보가 인자된 카드를 이용한사용자 인증 및 전자결제 시스템과 사용자 인증 및전자결제 방법

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20011227

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

AX Request for extension of the european patent

Free format text: AL;LT;LV;MK;RO;SI

PUAJ Public notification under rule 129 epc

Free format text: ORIGINAL CODE: 0009425

32PN Public notification

Free format text: EPO FORM 2502B-INVITATION TO GIVE NOTICE OF APPOINTMENT OF PROFESSIONAL REPRESENTATIVE DATED 17.11.2003 ADDRESSED TO: UTM SYSTEMS CORPORATION,

RBV Designated contracting states (corrected)

Designated state(s): DE FR GB

PUAJ Public notification under rule 129 epc

Free format text: ORIGINAL CODE: 0009425

32PN Public notification

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 69(1) EPC (EPO FORM 2524 DATED 03.05.2004)

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20031202