US20120265689A1 - Methods for Customizing Secured Transactions that are Verified by a Money Source - Google Patents
Methods for Customizing Secured Transactions that are Verified by a Money Source Download PDFInfo
- Publication number
- US20120265689A1 US20120265689A1 US13/529,713 US201213529713A US2012265689A1 US 20120265689 A1 US20120265689 A1 US 20120265689A1 US 201213529713 A US201213529713 A US 201213529713A US 2012265689 A1 US2012265689 A1 US 2012265689A1
- Authority
- US
- United States
- Prior art keywords
- entity
- recited
- money source
- account
- transaction
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K19/00—Record carriers for use with machines and with at least a part designed to carry digital markings
- G06K19/06—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
- G06K19/06187—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with magnetically detectable marking
- G06K19/06206—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with magnetically detectable marking the magnetic marking being emulated
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K19/00—Record carriers for use with machines and with at least a part designed to carry digital markings
- G06K19/06—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
- G06K19/06187—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with magnetically detectable marking
- G06K19/06196—Constructional details
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
- G06Q20/105—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems involving programming of a portable memory device, e.g. IC cards, "electronic purses"
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
- G06Q20/3415—Cards acting autonomously as pay-media
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/357—Cards having a plurality of specified features
- G06Q20/3576—Multiple memory zones on card
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/367—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
- G06Q20/3674—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/383—Anonymous user system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4093—Monitoring of device authentication
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
Definitions
- the present invention is in the field of methods for customizing secured transactions between multiple parties that are verified by a money source.
- any solution needs to be something that is acceptable to the public at large. It should be easy to use. It should not be complicated or expensive to implement. Preferably, it should fit within the existing infrastructure, and not be something that requires a great deal of educational effort, or a radical change in behavior or habits of consumers. In other words, it should be user friendly, readily understandable and something that does not require a completely new infrastructure, which is a reason suggested by some as to why smart cards have not been widely accepted in the United States.
- the present invention is generally directed to methods for providing one or more secure transactions between a first entity and an additional entity.
- a customization parameter is received from the first entity along with an encrypted transaction validation code which positively identifies a transaction for the first entity who has a first entity identifier.
- the validation code and the first entity identifier are used by a money source which electronically verifies that the first transaction is valid by use of the first entity identifier and the validation code while the first transaction is customized through use of the customization parameter.
- the first entity identifier can be transferred to the money source as an account number and the validation code can be transferred to the money in a non-account data field.
- the money source validates the validation code by duplicating the encryption process used to create the validation code and then compares the result to the validation code received with the first transaction.
- the validation code is, at least in part, encrypted, and the money source validates the validation code by duplicating a validation code encryption process and by then comparing the result to the validation code received with the first transaction.
- the customization variable can be used to select between a first handling option and a second handling option between the money source and the first entity.
- such options can be mechanisms to bill a first account and a separate second account and the user can be sent a single bill for charges to both accounts, or separate bills.
- the two accounts can be credit accounts established with different money sources.
- the handling options can provide different mechanisms for dealing with distribution of information concerning different transactions, such as restricting the distribution of information from the money source to a third party for any transaction in which the user payment card number is generated by use of the a first user key or restricting distribution of personal information of the user relating to any payment card transaction, and the user may either provide or receive consideration for such handling options, Different handling options may be invoked by use of a second user key.
- the handling options can also provide a mechanism for classifying the nature of card transactions, such as noting personal transactions or identifying different users, and approval of a transaction can be subject to different restrictions depending upon whom the user is.
- the handling options can also be used to control what information is reported about a transaction in a billing statement.
- the validation code can be formed by using a Triple Data Encryption Standard algorithm (“TEDS”).
- TESS Triple Data Encryption Standard algorithm
- the money source can obtain the customization variable from the validation code and the customization variable can be received through use of at least one button.
- FIG. 1 is a physical layout of a preferred embodiment of a Universal Anonymous Credit Card (UACC) disclosed in U.S. Pat. No. 6,592,044 which is one electronic card useful in accordance with the present invention.
- UACC Universal Anonymous Credit Card
- FIG. 2 is a system block diagram of a preferred embodiment of the Universal anonymous Credit card (UACC) useful in accordance with the present invention.
- UACC Universal anonymous Credit card
- FIG. 3 is a physical layout of a preferred embodiment of the Universal anonymous Credit Card (UACC) useful in accordance with the present invention.
- UACC Universal anonymous Credit Card
- FIG. 4 shows an un-coded magnetic stripe likened to a series of aligned South-North magnetic domains.
- FIG. 5 shows a sudden introduction of a strong magnet having an opposite orientation on top of a magnetic domain of the magnetic stripe causing flux reversals.
- FIG. 6 shows flux reversals caused by sudden introduction of strong magnet having opposite magnetic orientation on top of a magnetic domain in a magnetic stripe.
- FIG. 7A is an un-coded portion of a track of a magnetic stripe having 5 bit cells showing no flux reversals.
- FIG. 7B shows a representation of all “0”, all “1” and “0” and “1” side by side according to the Aiken Biphase encoding code.
- FIG. 7C shows a representation of decimals “0”, “5” and “9” in the Aiken Biphase encoding standard.
- FIG. 7D shows one embodiment of an encoder head of the present invention.
- FIG. 8 shows one embodiment of an encoder of the present invention with drive electronics and logic.
- FIG. 9 is a simplified, schematic diagram of one embodiment used to generate a customer one-time unique purchase order number by a customer.
- the present invention is related to U.S. Pat. Nos. 5,913,203, 5,937,394 and 5,956,699, the disclosures of which are all specifically incorporated herein by reference.
- U.S. Pat. No. 6,592,044 provides the following disclosure of an electronic card.
- a unitary, self-contained electronic device having physical planar dimensions that are essentially identical to those of a conventional magnetic stripe credit card, which is widely used in electronic commerce today.
- the device has seven basic components, although it is possible to combine some of these components together.
- the first component is the card base.
- the other components in one way or another, are attached to this base.
- the second component is a computer. It is preferable that the computer be a single integrated chip, but it need not be A computer typically contains a central processing unit connected to both storage memory and random access memory (RAM). RAM is used to load and run application programs as well as for storing data during run time.
- the storage memory can hold a variety of computer programs.
- the third component is a display controlled by the computer.
- this is a liquid crystal display (LCD).
- the LCD can be controlled by a LCD driver, and the LCD driver can be contained in storage memory of the computer.
- the third component could be an electronic ink display, which is a novel and newly available display medium.
- the electronic ink display can be fabricated with highly flexible physical dimensions, especially in thickness, which is likened to a thin piece of paper and also much cheaper to manufacture than conventional LCD display.
- the fourth component is an input mechanism.
- this is a keypad.
- the input mechanism might rely upon voice recognition as this technology becomes more and more developed.
- the fifth component is a magnetic storage medium. In the preferred embodiment, this is a magnetic stripe.
- the sixth component is an encoder for generating a data packet that is stored in a designated portion of the magnetic storage medium. This component is what allows the electronic device to be dynamic by relying upon an input to generate the data packet.
- the seventh component is a power source. In the preferred embodiment, this is a battery or a solar cell.
- UACC Universal Anonymous Credit Card
- UACC Universal Anonymous Credit Card
- This can be done in a system and in methodology in which merchants no longer have access to the cardholder's real name, address and the actual valid credit card number.
- Such an effectual personal encryption does not however, prevent the additional use of an Internet standard encryption such as SSL or SET for online data exchanges. The latter will simply make such online transactions even more secured.
- PSIN PIN Sequence Insertion Number
- ACCN scrambled Anonymous Credit Card Number
- the algorithm only operates on digits 5 through 6 of the VCCN. This takes into account the fact that the first 4 digits of the standard VCCN denote the identification of the credit card issuer and the last 4 digits of the standard VCCN are reserved for the expiration date, all of which should be left undisturbed. Thus, it is the middle 12 digits that indicate the account number for the cardholder of the VCCN. Therefore, the algorithm calls for the cardholder to first delete the last four digits of the 12-digit account number. In this example the 4 digits to be deleted will be “8012”. The 8-digit number before the cardholder PIN is inserted according to the cardholder's PSIN is “0123 4567”.
- the algorithm defines the numbering convention of the digit positions in the ACCN.
- the first digit position is defined as the zeroth (0.sup.th) and the second is the first (1.sup.st) etc.
- the PIN number itself can act effectively as the PSIN so that the cardholder does not have to remember two numbers.
- the UACC In order to reduce the cost of use of the UACC, and increase the range of applications in which it can be used the UACC should have a magnetic storage medium that can be read by a standard magnetic stripe reader.
- the magnetic storage medium must be capable of being read by a standard magnetic stripe reader.
- the portion of the UACC containing the magnetic storage medium must be sized such that the magnetic storage medium will work with standard magnetic stripe readers.
- a standard magnetic stripe reader works by passing the magnetic stripe portion of a card, such as a credit card, through the magnetic stripe reader in a swiping motion. Standard magnetic stripe readers have been prevalent in retail stores throughout the United States for many years.
- the especially preferred embodiment uses a standard microprocessor having its usual Central Processing Unit (CPU), Read-Only-Memory (ROM), Random-Access-Memory (RAM) and Input-Output devices (I/O),
- CPU Central Processing Unit
- ROM Read-Only-Memory
- RAM Random-Access-Memory
- I/O Input-Output devices
- ROM 2 stores the relevant information about the cardholder such as primary account number VCCN name, expiration date, encrypted PIN etc.
- RAM 1 is a standard semiconductor RAM as part of the microprocessor and needed for its normal operation.
- RAM 2 is a portion of a magnetic stripe, namely Track 2 .
- RAM 2 temporarily stores the encoded ACCN to be read by a standard magnetic stripe reader during a normal credit card transaction after the cardholder inputs the PIN according to the PSIN algorithm into the UACC.
- the methodology software is installed into ROM 1 of the microprocessor during production.
- a standard parallel port Input Device serves to interface a numeric keypad and other functional switches of the UACC to the microprocessor.
- the UACC also has two Output Devices.
- the first Output Device is a standard parallel output port of the microprocessor used for interfacing to it a 10 —or more character alphanumeric LCD display through a driver far outputting information such as recalling from memory alias or typed in PIN verification. It is also used for production testing and repair or servicing of the UACC.
- the second Output Device is an integrated circuit (IC) magnetic encoder unit built into the UACC so as to encode Track 2 of the magnetic stripe or RAM 2 , either statically in conjunction with the existing magnetic stripe, or dynamically without the use of the existing magnetic stripe, with the temporary ACCN information for off the Internet credit card transactions.
- IC integrated circuit
- the UACC also contains a battery cell, ON/OFF and other functional switches to render it a fully functional and self-contained credit card (see FIG. 1 ).
- the UACC bridges the old economy world of brick and mortar to the new economy world of the Internet.
- the integrated circuit (IC) magnetic encoder with current-carrying conductive writing heads is fabricated on a flexible and ultra-thin polymer (e.g. polyimide) printed circuit board (PCB) intimately in contact with the magnetic stripe located above for data impression.
- the encoder driver and digital logic chips are also mounted on the flexible PCB, but in different areas to form the complete IC magnetic encoder.
- the IC magnetic encoder is technically compatible with conventional magnetic data transfer methodology and makes possible the fabrication of the present UACC with physical dimensions exactly like those for a regular magnetic stripe portion of a credit card.
- the UACC When the UACC is used in a retail transaction, by merely entering one's own PIN into the UACC prior to giving it to the merchant for swiping the credit card transaction, one takes full advantage of the secure and anonymous transaction afforded by the UACC.
- the user can first check his or her alias and entered PIN (note that the PIN is never stored in the UACC) using the LCD display on the UACC before the UACC is handed it over to the merchant. Since the cardholder has in effect already signed the transaction with a digital signature (his or her PIN), no additional hand signature is required to complete the transaction.
- the merchant only need receive the PIN-modified anonymous credit card number (ACCN) and the user's alias.
- ACCN PIN-modified anonymous credit card number
- the ACCN and the alias are read by a conventional magnetic stripe reader and are processed in exactly the same fashion as a conventional credit card number and credit cardholder name since such information can be sent to a credit card approval agent for approval of the transaction.
- the credit card approval agent has all of the information necessary to determine if the transaction is valid or fraudulent.
- the identity of the entity who authorized the credit card, as well as it expiration date, is available in the ACCN in just the same manner as it is available in a conventional credit card transaction.
- the card number is verified by confirming the card number contained in the ACCN as valid for the alias.
- a cardholder To use the UACC for Internet transactions, a cardholder first enters the PIN into the UACC exactly like that for off the Internet transactions. Next, the cardholder continues the transaction using only the cardholders alias, the ACCN appearing in the LCD display and also the cardholder's choice of trusted delivery (optional) should the cardholder prefer to make this transaction completely anonymous.
- the cardholder By carrying just one UACC which looks and feels exactly like a regular magnetic stripe credit card, one is now able to make old world credit card transactions like one always has done in the past. But, more importantly, one can now use the same UACC for making secure and anonymous transactions, anywhere in the world, and for both on and off the Internet transactions.
- FIG. 1 shows the physical layout for an especially preferred embodiment of the Universal Anonymous Credit Card (UACC) 1 .
- the areal dimensions of the UACC 1 are 3.375′′.times.2.125′′ or exactly those of a regular magnetic stripe credit card in use in electronic commerce today.
- the thickness of the UACC 1 varies from about 0.030′′ at the top where the magnetic stripe resides to 0.030′′-0.060′′ for the rest of the card dependent upon the thickness of the LCD used (see FIG. 1 ).
- ATM Automatic Teller Machine
- a 12-character keypad 9 In addition to the switches 3 - 8 , there is a 12-character keypad 9 .
- the primary function of the keypad 9 is for the cardholder to enter the PIN into the UACC 1 for generating the ACCN for on and off Internet commerce transactions.
- This LCD 10 displays the alias and the ACCN for use for Internet commerce transactions or the alias and bar code representing the ACCN after the cardholder's PIN is entered.
- the display of the ACCN will automatically erase itself after about 2 minutes to avoid exposing significant information to third parties.
- Track- 113 and track- 314 are used to store the relevant information about the cardholder such as primary account number VCCN, name, expiration date, encrypted PIN etc.
- Track- 215 of the magnetic stripe 12 normally contains only the cardholder's VCCN to be read by a magnetic stripe reader at the merchant's site.
- the ACCN instead of the VCCN, will be generated on command by entering the PIN with the appropriate function switch “MC” 7 by a special encoder 16 located at a designated location underneath the magnetic strip 12 .
- the generated ACCN which resides temporarily on Track- 215 of the magnetic stripe 12 will disappear automatically 2 minutes after it is being generated. This is to ensure that no significant information about the credit card account stays long enough for fraudsters to steal for committing subsequent credit card frauds.
- FIG. 2 The system block diagram for the especially preferred embodiment of the present invention is shown in FIG. 2 .
- a conventional 16-bit microprocessor 16 comprising a Central Processing Unit (CPU) 17 , a Read-Only-Memory (ROM 1 ) 18 , a Random Access Memory (RAM 1 ) 19 , a 16-bit parallel Input Port (Input) 20 and a 16-bit parallel Output Port (Output) 21 .
- the microprocessor 16 receives inputs through Input 20 from a bank of functional switches 22 , which contains switches 4 through 8 .
- the microprocessor also receives inputs from a 12-character keypad 9 through Input 20 .
- Outputs from the microprocessor 16 emanate from Output 21 through a LCD display driver 23 to reach the 10- or more character alphanumeric LCD display 10 and also through an encoder driver 24 to reach a designated location of Track- 215 of the magnetic stripe 12 .
- a designated location of Track- 215 serves as a second RAM, RAM 2 , for the microprocessor 16 .
- RAM 2 stores the encoded ACCN needed for offline credit card transactions to be read by the merchant's standard decoding equipment very much like a conventional magnetic stripe credit card.
- the software program for implementing the methodology provided by U.S. Pat. No. 5,956,699 for the cardholder to execute secured and anonymous credit card transactions on and off the Internet is installed into ROM 118 of the microprocessor 16 during production of the current UACC unit.
- Information pertaining to the cardholder is encoded onto Track- 113 and Track- 314 of the magnetic stripe 12 which serves as an independent ROM, ROM 2 , for the UACC unit. Since information stored in ROM 2 will be read with a standard magnetic stripe reader, it operates independently of the microprocessor 16 .
- a battery supply 26 with contacts 27 controlled by the ON/OFF switch 3 , completes the UACC system. The battery supply provides power to all the components of the UACC system, including the microprocessor 16 , LCD display driver 23 , encoder driver 24 , LCD display 10 and the keypad 9 .
- FIG. 3 shows the physical layout and construction for the especially preferred embodiment of the present UACC device. All the electronic components of the system, namely the microprocessor 16 , the LCD display 10 , the keypad 9 , LCD display driver 23 , encoder driver 24 , encoder 25 , functional switches 4 - 8 , ON/OFF switch 3 and battery contacts 27 with battery cell 26 , are fabricated on a flexible multi-layered printed circuit board 28 . The flexible printed circuit board 28 with all the loaded components is then encapsulated in plastic into thin 29 and thick 30 parallel sections as shown in FIG. 3 .
- the thickness of the thin section 29 where the conventional magnet stripe 12 will be fabricated on top of the encoder 25 (to be explained in more detail below) on the backside is about 0.030′′, the same thickness as the magnetic stripe credit cards in use today.
- the plastic encapsulated thick section 30 (see FIG. 3 ), while holding the fully-loaded flexible printed circuit board 28 in place, allows the ON/OFF switch 3 , functional switches 4 - 8 and the keypad 9 to be physically accessible (e.g. by fingers) from the front side of the UACC device.
- the LCD display 10 is also directly visible from the front side. Note that the thickness of the plastic encapsulated section would also be 0.030′′ thick if a polymer-backed (e.g. Mylar®) ultra-thin LCD display (0.020′′ thick typical) is used.
- a magnetic stripe is made out of a thin layer of very tiny ferromagnetic particles (typically 0.5 micron long) bound together with resin and subjected to a very strong magnetizing magnetic field (known as “coercivity”) when such a stripe is printed onto a substrate.
- coercivity very strong magnetizing magnetic field
- the process of encoding or writing involves the creation of N-N and S-S magnetic domain interfaces, or flux reversals, and the process of decoding or reading that of detecting them. Knowing that magnetic flux lines always emanate from the North pole and terminate on the South pole, a sudden introduction of a strong magnetic field (greater than the coercivity of the magnetic domains) having a N-S magnetic orientation can magnetize a normal S-N magnetic domain into N-S orientation, resulting in the creation of a pair of flux reversals S-S and N-N, much like that shown in FIG. 6 above.
- the magnetic stripe 12 has three tracks, namely Track- 113 , Track- 215 and Track- 314 . Digital data are stored in these three tracks according to the American National Standards Institute (ANSI) and International Standards Organization (ISO) BCD (5-bit Binary Coded Decimal Format) or ALPHA (alphanumeric) standards.
- ANSI/ISO standards for Tracks 1 , 2 and 3 are summarized in Table I as follows:
- Track- 1 13 named after the “International Air Transport Association” (IATA), contains the cardholder's name as well as account and other discretionary data, Track- 2 15 , “American Banking Association” (ABA), is the most commonly used. This is the track that is read by ATMs and credit card checkers. The ABA designed the specifications of this track and it is believed all major world banks abide by it. It contains the cardholder's account number, encrypted PIN, plus other discretionary data. Track- 3 14 is unique and intended to have data read from and written on it. At present, it is an orphaned standard and has not been widely used to date.
- IATA International Air Transport Association
- ABA American Banking Association
- each decimal digit is coded by 5 bits.
- Track- 2 has a density of 75 bits per inch (bpi).
- each character is represented by 5 bits.
- the encoder needs to encode 12 digits (see “222233334444” in example above), it will require a total of 60 bits.
- the density is 75 bpi, the maximum physical space available for a stationary encoder head is 0.800′′.
- the important dimension for the design of the encoder head is the space available for each BCD bit. In the present case, the bit dimension is 1,000 mils/75 bits or 13.33 mils (0.0133′′) per bit.
- FIG. 7A shows an un-encoded strip of Track- 2 long enough to accommodate 5 bits of data.
- the physical length of this strip is 5,times.0.0133′′ or 0.0667′′ (66.65 mils).
- This un-encoded strip is divided into five segments, each representing a single bit, and each is further represented by two magnetic domains as shown in FIG. 7A .
- Aiken Biphase In accordance with the industry standard of encoding called Aiken Biphase, or “two frequency coherent-phase encoding”, data is encoded in “bit cells” defined above and the frequency of which is the frequency of the ‘0’ signals. ‘1’ signals are exactly twice the frequency of the ‘0’ signals. So, at least from the conventional way of decoding, the actual frequency of the data passing the ‘READ’ head will vary with the swipe speed, for the data density, control functions etc., the ‘0’ frequency, however, will always be twice the ‘0’ frequency. This is illustrated in FIG. 7B where the representation of all ‘1s’, all ‘0s’ and how ‘1’ and ‘0’ data exist side by side. Note that in FIG.
- the bit cell waveforms for ‘0’ and ‘1’ are the results of creating the so-called flux reversals of “N-N” or “S-S” at the magnetic domains interfaces of the un-encoded strip.
- the encoding must be consistent with the Aiken Biphase convention because the same ‘READ’ heads will be used to decode the Track- 2 data temporarily stored in UACC devices during offline (off the Internet) credit card transactions.
- FIG. 7C shows, as an illustration, how BCD decimal digits ‘0’, ‘5’ and ‘9’ would appear referenced to the un-encoded 5-bit strip of FIG. 7A .
- FIG. 7C shows the orientation of the magnetic domains and the flux reversals at the domain interfaces.
- an encoder head of the present preferred embodiment is designed to be on top of the magnetic domains representing the 5-bit decimal digit, it would be possible to magnetize on command the individual domains in order to create the appropriate flux reversals corresponding to the desired decimal digit. This is illustrated in FIG. 7D .
- the orientation of the magnetic domain 33 when un-coded is S-N as shown in FIG.
- the two contact bits 34 and 35 control which direction the magnetizing current is flowing.
- current I+ will flow in from contact 34 to ground resulting in flipping the orientation of magnetic domain 33 to N-S. Meanwhile the current I ⁇ from “+V” to contact 35 is zero.
- both I+ and I ⁇ are zero and the orientation of magnetic domain 33 will stay as N-S.
- current I ⁇ will flow from “+V” to contact 35 and cause the magnetic domain to revert back to S-N while I+ is zero. No domain flipping occurs if the bits for contacts 34 and 35 are either “1” “0” or “0” “1”.
- the magnetizing effect of 1+ is neutralized by I ⁇ . Both I+ and I ⁇ are zero for the latter case.
- the magnitudes of currents I+ and I ⁇ needed to flip the magnetic domains with coercity of the order of 300-500 gausses (“soft” magnetic stripe found in conventional credit cards) for current carrying conductor of 1-2 microns thick are several hundred milliamperes.
- the electrical power required to encode or decode 12 decimal digits is of the order of tens microwatts.
- each micro-head has a PLUS or MINUS polarity. If the polarity is PLUS, current will flow in one direction so as to generate a N-S magnetizing magnet. Similarly, if the polarity is MINUS, current will flow in the opposite direction so as to generate a S-N magnetizing magnet. So the encoder of the present preferred embodiment will have 2.times.60 micro-heads each with a PLUS and MINUS polarity.
- An especially preferred embodiment of the encoder with the driver electronics and logic is shown schematically in FIG. 8 .
- FIG. 8 shows the 12 decimal digits divided up into 60 bit cells with each bit cell comprising two magnetic domains and each having a PLUS and MINUS polarity. There are therefore a total of 120 magnetic domains that have to be addressed, each with two polarities, making it a total of 240 address lines as shown in FIG. 8 . These addresses lines are accessed in bunches of 10 (5 magnetic domains or 21 ⁇ 2 bit cells). The address originates from using 10 bits of the 16-bit Output port 21 (see FIG. 2 of system block diagram for UACC) and then through the encoder driver 24 (also see FIG. 2 ) as current buffer before being connected to the 24 bunches of 10 address lines.
- Each of the 24 bunches of 10 address lines is accessed with a 32:1 decoder using five of the 16 bits of the Output parallel port 21 .
- the decoder selects one of the 24 bunches of 10 address lines via switch bank 36 (there is a total of 24 switch banks similar to switch bank 36 ) comprising 10 switches each. In essence, it is the switch bank that selects which of the 10 address lines out of the 24 bunches that are being connected to the output of the encoder driver 24 .
- Such a software command is part of the methodology algorithm taught in U.S. Pat.
- the stored algorithm generates the ACCN or in essence, a “Coupon” (Customer's one-time unique purchase order number), from the valid credit card number VCCN and the cardholders PIN when inserted properly into part of the VCCN.
- a “Coupon” Customer's one-time unique purchase order number
- UACC Universal Anonymous Credit Card
- the first six digits (four digits are used to identify the issuer bank and two more digits to designate a specific BIN number) and the last four digits of the ACCN always remain the same as those in the VCCN which signifies the issuer's identification and credit card BIN number, and the expiration date respectively.
- the cardholder can then use this ACCN to complete the transaction with the online merchant. After the cardholder finishes using the ACCN, he or she can either erase it from the LCD display by pressing “*” followed by “#” in the keypad, otherwise the ACCN will disappear from the LCD display automatically after approximately 2 minutes.
- the UACC behaves just like an ordinary credit card. The only difference is that before one hands over the UACC to the merchant for charging the amount, one enters one's PIN after pushing first the “MC” button on the UACC device, which is reserved for magnetic stripe credit card transactions, and then follows it with a “#” key on the keypad. It is assumed here that the cardholder is satisfied with what is being charged on the credit card before the cardholder, in effect, “signs” it digitally in the transaction. Unlike ordinary magnetic stripe credit cards of today, no personal hand signature is needed for off the Internet transactions with the UACC. By entering the PIN, the UACC automatically encodes temporarily the ACCN onto Track- 2 of the magnetic stripe 12 . The use of the resultant ACCN or Coupon is likened to the cardholder already signing the credit card with a personal digital signature for the transaction. The rest of the transaction simply follows that of a regular magnetic stripe credit card with the existing credit card processing infrastructure.
- UACC Universal Anonymous Credit Card
- the UACC can be used in methods for implementing an anonymous credit card transaction between a user and a merchant as is described in U.S. Ser. No. 09/619,859.
- An embodiment of such a method is set forth in FIG. 9 .
- a user must first establish a user account with a credit source.
- the credit source may be a bank, a credit card company or any other institution involved with issuance of credit cards or bank debit cards, such as a credit union or other institution, or a money source as described in U.S. Pat. No.
- the credit source will create one or more user account records associated with the user account to contain a variety of information, including a user account number, a fictitious account name, a “Proxy Agent,” a user key and when applicable, a user insertion key.
- the fictitious account name can be selected by the cardholder or the issuer of the credit card, but it has to be known by both.
- the “Proxy Agent” is used to conceal the cardholder's actual address and still comply with current credit card transaction regulations—in other words, it is a fictitious address. Additional information that might typically be contained within such records includes cross references to other accounts, the user's name and the user's billing address.
- An electronic card such as the UACC card, uses an algorithm to generate a valid personal charge number.
- the electronic card When the electronic card is used in a retail transaction, by merely entering ones own PIN into the electronic card prior to giving it to the merchant for swiping the credit card transaction, one takes full advantage of the secure and anonymous transaction afforded by the electronic card.
- the user can first check his or her alias and entered PIN (note that the PIN is never stored in the electronic card) using the keypad on the electronic card before the electronic card is handed it over to the merchant. Since the cardholder has in effect already signed the transaction with a digital signature (his or her PIN), no additional hand signature is required to complete the transaction.
- the merchant only need receive the PIN-modified anonymous credit card number (ACCN) and the user's alias.
- ACCN PIN-modified anonymous credit card number
- the ACCN and the alias are read by a conventional magnetic stripe reader and are processed in exactly the same fashion as a conventional credit card number and credit cardholder name since such information can be sent to a credit card approval agent for approval of the transaction.
- the credit card approval agent has all of the Information necessary to determine if the transaction is valid or fraudulent.
- the identity of the entity who authorized the credit card, as well as It expiration date, is available in the ACCN in just the same manner as it is available in a conventional credit card transaction.
- the card number is verified by confirming the card number contained in the ACCN as valid for the alias.
- a cardholder To use the electronic card for Internet transactions, a cardholder first enters the PIN into the electronic card exactly like that for off the Internet transactions. Next, the cardholder continues the transaction using only the cardholder's alias, the ACCN appearing in the LCD display and also the cardholders choice of trusted delivery or Proxy Agent (optional) should the cardholder prefer to make this transaction completely anonymous.
- the cardholder By carrying just one electronic card which looks and feels exactly like a regular magnetic stripe credit card, one is now able to make old world credit card transactions like one always has done in the past. But, more importantly, one can now use the same electronic card for making secure and anonymous transactions, anywhere in the world, and for both on and off the Internet transactions.
- this disclosure includes the following methods.
- Method 1 A method for implementing an anonymous Mail Order Telephone Order (“MOTO”) credit card transaction between a user and a merchant, comprising the steps of:
- a user account between a credit source and the user which is associated with a fictitious account name, a user account number, a user key and a user settlement mechanism through which the user can pay the credit source for charges and fees billed to the user account;
- a storage medium affixed to the card that can be read by a card reader but is not readable by a human eye;
- a power source for supplying power to the computer
- the electronic card has a fictitious account name stored in a memory device accessible by the computer, the computer is capable of causing data to be stored in the storage medium and the electronic card is sized such that a standard magnetic stripe reader can read the magnetic storage medium;
- Method 2 wherein the MOTO credit card transaction is conducted between the user and the merchant over a computer network.
- the present disclosure is adapted for use in many kinds of financial transactions. For example, it can be used in credit card transactions, bank or debit card transactions, or electronic script transactions. Because of the versatility of this embodiment, it can be used in connection with a wide variety of instruments that can be used in connection with such financial transactions. Thus, it can be used with electronic cards, software programs used in network applications, or telephones (especially telephones used in what is now being referred to as m-commerce, or mobile commerce). Moreover, it can be used whether such transactions are conducted in person, face-to-face, or whether such transactions are conducted by an indirect medium, such as a mail order transaction, a transaction conducted over a computer network (for example, the Internet), or a telephone transaction.
- an indirect medium such as a mail order transaction, a transaction conducted over a computer network (for example, the Internet), or a telephone transaction.
- a party makes a monetary payment. In the context of the following description, this is the first entity or customer. Another party receives the monetary payment, and this party can be a single party or two or more parties. In the context of the following description, the party or parties that are receiving the monetary payment are referred to as the second entity. Finally, there is at least one party, and usually multiple parties, that serve as intermediaries to allow the customer to transfer monetary value to the second entity.
- the intermediary group of one or more parties will be referred to in the context of the following description as a money source.
- the money source may be one or more banks, a credit card company or any other institution involved with issuance of credit cards or bank debit cards, such as a credit union or other institution, or a money source as described in U.S. Pat. No. 5,913,203 which states, in col. 5, lines 6-17: “Initially, there must be a money source. This is described as a pseudo cash repository, but it does not need to be a single entity. In practice, it can be a single bank, or a single credit card company or a number of affiliated banks (a bank group) or a number of affiliated credit card companies (a card group) affiliated with one or more merchants and set up to do business with one or more money source customers or some other entity or entities that will perform such a function.
- the pseudo cash repository in concept, is similar to an entity that issues traveler's checks (for a non-anonymous cash-like transaction) or a money order (for a potentially anonymous cash-like transaction).”
- U.S. Pat. No. 5,913,203 further states, in col. 6, lines 34-41: “The pseudo cash repository maintains a record of the pseudo cash unit and the fixed monetary value associated with the pseudo cash unit and in an especially preferred embodiment, can be either a computer or a network of computers that operates as the money source. If the pseudo cash repository relies upon a network of computers, the network can be dedicated or it can be connected by an encrypted two-way communication linkage.”
- the first entity need not use a real identity, the first entity must establish an account with a money source. When the account is established, the first entity and the money source must agree upon a payment mechanism or protocol. In the case of a credit card or a bank card, this could be done in the same fashion as exists today, and the first entity could select a fictitious account name as is explained in greater detail in co-pending U.S. patent application Ser. No. 09/619,859. It is especially preferred that two different users not be allowed to select the same fictitious account name so that a fictitious account name also represents a unique identifier. However, the preferred embodiment could also be used in connection with a prepaid account. In such a scenario, the first entity could simply purchase a prepaid card and no real identity would ever be required.
- a user key When the first entity establishes an account with the money source, a user key must be selected.
- the user key can be a Personal Identification Number, or “PIN,” similar to that which is currently in widespread use in the United States in connection with automated teller machines.
- PIN Personal Identification Number
- Both the first entity and the money source must have access to the user key, which can be selected by either entity.
- the money source In order to be able to retrieve this user key, the money source must create a record associated with the first entity that includes the user key and a first entity identifier (whether this be the real name of the first entity or a fictitious account name).
- the first entity Once the first entity has established an account with the money source and a user key has been selected, the first entity must be supplied with the means to generate a customer one-time unique purchase order number (“Coupon”). As already described, this could be hardware or software, but, in either case, it will include a customer random number generator and a customer permutation variable that is correlated with a customer sequence number.
- a “random number generator” shall be defined to include a pseudo-random number generator. The details of how a random number generator (or a pseudo-random number generator) works, and how they can be used to generate a series of random (or pseudo-random) numbers, are well known in the art of cryptography and will not be repeated here.
- the “random number generator” is what has been referred to by H. D. Knoble as a “Portable Quasi-Random Number Generator.” More specifically, it is especially preferred that the random number generator be an additive three part prime modulus multiplicative linear congruent random number generator which can be generated by the following algorithm:
- RN is the random number
- INT stands for an Integer function
- R is calculated as follows:
- the customer random generator is used to generate a sequence of numbers with qualities similar to that of a sequence of truly random numbers.
- the sequence will be fixed for a given algorithm, using a given set of constants, starting from a given seed value.
- a number in such a sequence can be referenced by its position relative to an initial setting, and this shall be referred to as a sequence number.
- a string of one hundred numbers generated by a random number generator can be assigned sequence numbers of 1-100, respectively, which means that the fiftieth number in the string would be assigned the sequence number of 50.
- the customer random number generator and the money random number generator must be synchronized so that they will achieve identical results when the customer sequence number and the money source sequence number are identical. If a money source wants a number of different customers to use the same random number generator but generate different sequences of numbers, such results can be obtained several ways. For example, different customers might have different initial seed values, different customers might have one or more different constants, different customers might have a different permutation variable as an initial setting, or two or more of these options might be employed.
- the first entity When the first entity wishes to generate a Coupon, the first entity enters the user key into the hardware or software used to generate the Coupon. Once the user key is entered, it is combined with a customer permutation variable that is correlated with a customer sequence number to form a customer permutated user key.
- the combination can be done by any number of mathematical functions (simple examples of which are addition, subtraction, division and multiplication) or by any suitable algorithm or set of rules.
- the customer permutation variable and the customer sequence number can be correlated in many different ways, the simplest example of which is that they are identical. Another example of a simple correlation would be to vary the permutation variable according to a preselected algorithm in accordance with the customer sequence number, or through use of the customer sequence number as an input into the algorithm.
- the customer permutated user key and the user insertion key are used as input variables in an algorithm to form a Coupon.
- the customer permutated user key is inserted into a user account number. Simple methods of insertion include addition and substitution, or a combination of the two.
- the customer sequence number is changed, and a new entry of the user key will result in generation of a new customer permutated user key and a new Coupon. Because generation of the Coupon can be done by a computer (whether it be a “traditional” computer or some other device that can be a host computer or a client computer, such as a chip located in an electronic card or telephone), for all practical purposes, the Coupon can be generated as soon as the user key is entered into the computer.
- Coupon Once a Coupon is generated, it can be transferred to a second entity, along with a first identity identifier, to pay for goods or services and, in turn, the Coupon and the first identity identifier can be transferred to the money center.
- the preferred embodiment provides a mechanism to satisfy both desires by the method a Coupon is validated and by allowing the customer random number generator and the money source random number generator to be resynchronized from a first setting to a second setting.
- a Coupon is validated when the money source determines that the Coupon is valid for the first entity identifier submitted with the Coupon.
- the money source determines what Coupons the first entity will generate, and the order in which they will be generated.
- One way that the money source can determine what Coupons will be generated by the first entity is to generate coupons from the same starting input that would be used by the first entity, using the same random number generator.
- the money source uses a money source random generator that uses the same algorithm as the customer random generator (including initial seed(s) and constants), using the same user key.
- the money source when the money source generates a money source Coupon from a money source sequence number that is identical to a customer sequence number used by a customer to generate a Coupon, the money source Coupon should be identical to, and thus match, the Coupon. This, in turn, validates the Coupon.
- Validation of a Coupon is very simple to implement when the customer sequence number and the money source setting are synchronized.
- the money source Coupon could be generated at the time the Coupon is submitted for validation, or it could already be generated, and stored, in a look-up table.
- a customer might generate a Coupon but, for whatever reason, not use it.
- a consumer might make a mistake and not enter the correct user key, and thus generate an invalid Coupon. (Although the latter possibility could be avoided by storing the user key in the hardware/software and confirming that the user key entered is correct, such storage is undesirable since the existence of such a record compromises security).
- validation can be permitted if the Coupon matches any one of a preselected number of money source Coupons generated in series by the money source from an expected starting value of the customer sequence number. (Selection of the preselected number is a matter of design choice that involves a tradeoff between usability and security, and the number might be changed at different times or for different conditions.) Although such series could be generated at the time of submission of a Coupon for validation, it is especially preferred that the series be generated and stored as a sequential set that can be queried upon submission of a Coupon for validation. Using this methodology, once a Coupon is validated, the matching money source Coupon and all earlier created money source Coupons can be deleted from the sequential set. Then, since the sequential set now contains less than the preselected number of Coupons, one or more additional money source Coupons are generated to bring the population of money source Coupons back up to the preselected number (or a newly selected number).
- the money source can store money source Coupons deleted from the sequential set in a recent history file, and this file can be maintained for a preselected length of time. Using this methodology, if a match with a money source Coupon stored in the sequential set does not validate a Coupon, a match with a money source Coupon stored in the recent history file can still validate it. However, the money source might also want to implement additional security measures when validating a Coupon by comparison with the recent history file.
- the money source might also require that the shipping address match an approved shipping address for the first entity.
- the money source might also require independent confirmation of the validity of the Coupon by contacting the first entity, e.g. by telephone or e-mail, if the value of the Coupon exceeds a threshold limit.
- Coupon If a Coupon is not validated, the money source will reject it as invalid.
- the Coupon might be invalid due to error by the first entity, or due to error somewhere during its path of transmission to the money source, or due to fraudulent activity, Accordingly, it is highly desirable not to place a hold on activity by a customer whose first entity identifier has been used with an invalid Coupon until such activity exceeds a threshold level. Once this threshold level has been exceeded because a preselected number of invalid Coupons are not verified for the first entity, an invalid user account number condition can be triggered to prevent any further processing of Coupons submitted with the first entity identifier until the invalid user account number condition is removed.
- Discounted Coupons a first entity has submitted too many invalid Coupons, or has just gotten too far out of synchronization from the money source (e.g., a child playing with an electronic card).
- the first entity could contact the money source, enter the first entity's user key, and provide the money source with the resultant Coupon.
- the money source could then use this Coupon to determine what customer sequence number was used to generate the Coupon, and reset its records accordingly, as is illustrated in the following example:
- the sequential set maintained by the money source contains 10 money source Coupons, that the first entity has previously successfully submitted Coupons for transactions 1 - 5 , and that the first entity's customer sequence number is now 25.
- the Coupon that it will generate will be the 25th Coupon in a string, but the sequential set maintained by the money source will only contain the 6th through 15th Coupons. Therefore, the money source will not generate a match until its 25th money source Coupon is generated, at which point the customer random number generator and the money source random number generator will be resynchronized.
- the money source will generate money source Coupons 26 through 35 and place them in its sequential set of money source Coupons for the first entity, and an invalid user account number condition, if set, can be removed.
- Another way that the customer random number generator and the money source random number generator can be resynchronized is for the money source to provide the first entity with a new seed value to be input into the random number generator, but this would require some mechanism to allow such input. In the case of an electronic card, telephone or other hardware device, a special function key, followed by the input, might perform this.
- Fraudulent activity might also be detected by the nature of invalid Coupons submitted for verification.
- the money source receives a Coupon for verification, it is possible to work backwards from the Coupon to determine what user key and permutation variable were used to generate the Coupon for a given sequence number. Based upon what user keys were used in generating invalid Coupons, it might be possible to spot potential fraudulent activity. It is also possible to detect or deter fraudulent activity, and increase security, if the user key is periodically changed. This can be done when the first entity and the money source validly agree to change the user key, and the money source's records are changed accordingly (including the money source Coupons contained within the sequential set).
- Method 1 A method for providing multiple secure transactions between a first entity and at least one additional entity, comprising the steps of
- Method 2 A method as recited in method 1, wherein the second entity is comprised of a plurality of different entities.
- Method 3 A method as recited in method 1, wherein the customer random number generator and the money source random number generator are resynchronized from a first setting to a second setting.
- Method 4 A method as recited in method 1, wherein the customer sequence number is changed every time a Coupon is generated.
- Method 6. A method as recited in method 5, wherein the customer sequence number is changed every time the user key is entered into the input device.
- Method 7. A method as recited in method 1, comprising the following additional steps: setting an invalid user account number condition if a preselected number of Coupons are not verified for the first entity; and terminating step (5) when the invalid user account number condition is set.
- a one-time payment card number refers to a payment card number of either a credit or a debit card, generated in accordance with the present invention, that is useful in financial transactions in the same fashion as a traditional payment card number.
- a one-time payment card number should be capable of being read by a standard magnetic stripe reader when it is part of a physical card used in traditional face-to-face transactions in which a user presents the physical card to a merchant for payment.
- a one-time payment card number should also be capable of being used in a Mail Order Telephone Order (“MOTO”) credit card transaction between the user and a merchant.
- MOTO Mail Order Telephone Order
- the one-time payment card number should fit within, and work with, present platforms and protocols for financial transactions involving payment cards, such as traditional credit cards. This versatility allows the one-time payment card number to be used with electronic cards, software programs used in network applications, or telephones (especially telephones used in what is now being referred to as m-commerce, or mobile commerce).
- a traditional payment card number can be characterized as having three parts.
- a user one-time payment card number is akin to a traditional payment card number, with certain exceptions.
- a traditional payment card number there might be a set of six fixed variables, followed by a set of nine variable variables, followed by a check sum digit and another set of four fixed variables representing the month and year.
- the transaction is always completed by using the same twenty digits for the payment card number.
- the user uses a one-time payment card number to complete any such given financial transaction, the transaction will not be completed by always using the same twenty digits for the payment card number.
- the twenty digits of the one-time payment card number will vary, and the degree to which they vary may depend upon user selection of a customization parameter.
- the check sum digit will not necessarily be the same with successive usage, although it may be.
- the check sum digit must be recalculated for each new one-time payment card number, and this is why it shall be referred to as a “check sum variable” in the context of a one-time payment card number according to the present invention.
- Another difference between a traditional payment card number and a one-time payment card number is the way that a given transaction using either number is validated by a verification agency, which may be a money source or an entity who processes payment card transactions.
- a verification agency When a transaction involving a one-time payment card number is processed, the verification agency must verify that the one-time payment card number is valid for the user identifier for the particular given transaction, as opposed to any given transaction involving the user identifier. (The verification process must take into account how selection of the customization parameter may affect what the verification agency will receive for verification. Additional details regarding procedures that can be used to verify a one-time card number that can be customized are set forth in U.S. Pat. No. 6,609,654.) This difference is a reason why use of the one-time payment card number provides greater security and anonymity than can be obtained through use of a traditional payment card.
- a card number generator generates a one-time payment card number. As already described, this could be hardware or software, but, in either case, it will preferably include a customer random number generator and a customer sequence number. It is especially preferred that the card number generator be part of an electronic card, and that the electronic card be of the type described in U.S. application Ser. No. 09/571,707 filed May 15, 2000 for Anonymous Electronic Card for Generating Personal Coupons Useful in Commercial and Security Transactions, or in U.S. application Ser. No. 09/667,835.
- the preferred embodiments allow a user to customize use of an electronic card having a card number that varies with each use by selecting at least one customization parameter to customize a given use of the electronic card.
- the user can customize generation of the one-time card number. This can be done many different ways.
- An example of one way in which it can be done is to customize selection of a selected user key that is used to generate the one-time card number as is explained in U.S. Pat. No. 6,609,654.
- Another way in which it can be done is to include a customization variable in the one-time card number, or as an input into the algorithm used to generate the one-time card number.
- the user can customize the user identifier that is used to validate the one-time card number. This can be done many different ways. One way is to choose one of two or more preselected identifiers as a selected user identifier. Another way is to modify the user identifier. Still another way is to add a customization variable, such as a numeric character, to the user identifier at a preselected location.
- the user can include a customization variable with information transmitted to a verification agency for validation of the given use. Unlike the first two customization parameters, this parameter relies upon use of an additional field of data collected as part of the validation process for a given transaction, and this may require a change in established validation protocols. It is especially preferred that any such change be technically feasible within the confines of hardware that is being used to process traditional payment card transactions. In the context of an electronic card with a magnetic stripe, this means that it is preferred that the additional customization variable be stored in the magnetic stripe, and it is especially preferred that it be stored in the second track of the magnetic stripe. Additional details regarding inclusion of a customization variable in a magnetic stripe are set forth in U.S. Ser. No. 09/667,089.
- the money source can determine what customization parameter(s) was selected by the user for the given transaction, which allows the money source to determine what handling option should be used for the transaction involving the one-time payment card number. (It also allows the money source to determine what sequence number is associated with the one-time payment card number, so that its records can be synchronized as part of the validation process.)
- One use of multiple handling options is to allow the money source to access multiple accounts. For example, a user might use one account as a credit card, and another account as a debit or checking card. By choosing which account should be used for a given transaction, the user could determine, at the point of use, whether to charge the transaction, or have it deducted from an existing account balance. The same idea could be used for multiple credit cards, whether they are from the same issuer or different issuers, or even different cards, such as Visa®, MasterCard? Diner's Card®, Discover® or American Express®. In addition, the user might elect to have separate billing statements for separate accounts, or have all billing consolidated in a single statement.
- Another use of multiple handling options is to allow identification of the person completing a transaction, or to allow multiple persons access to a single account, or place different restrictions on multiple persons on a single account, For example, a single account might be opened with an issuing bank, but an entire family might be authorized to use the account. Thus, a father and a mother might have their own customization parameter, a teenage child might have another customization parameter and a lower authorized spending limit, and a preteen child might have a fourth customization parameter, but only be authorized to engage in a certain limited number of transactions per time period with a maximum spending limit for each transaction. All the members of this family could use the same card number generator embedded within a PDA or mobile phone, or on a computer or in an electronic card. At the end of a specified billing cycle, all transactions completed by any member of this family could be consolidated in a single bill, and that bill could indicate who spent what when during the billing cycle, and what it was spent on.
- Still another use of multiple handling options is to allow a user to classify the nature of a particular transaction at the time it is completed. For example, suppose an individual uses a single credit card for personal expenditures and business expenditures. By assigning one customization parameter to personal transactions, and a second customization parameter to business transactions, the user can simplify accounting for such transactions without the necessity of having and carrying two separate cards. If desired, the user could even receive two separate statements for such expenditures so that the personal expenditures would not be discernable from the documentation associated with the business expenditures. Individual transactions could also be classified according to a preselected set of criteria, and such criteria could be used in various financial programs. For example, a user might include a code classification system used in a money management system to create various reports that itemize categories of spending or assist in budgeting of finances.
- Yet another use of multiple handling options is to allow a user to preselect how a particular transaction is treated in a subsequent bill. For example, an individual user might not want a billing statement to include information about the identity of second entities who provide certain goods or services, or when transactions with such entities take place, but still want to have the billing statement include such information for other transactions. By selecting two different customization parameters with these two different handling options, the user has the option of controlling what information it receives in billing statements about individual transactions.
- Multiple handling options can also be used to guard privacy, or for commercial purposes that do not presently exist.
- the user and the money source might enter into an agreement about how, and under what circumstances, the money source can distribute information about transactions of the user, depending upon which customization parameter is used in a given transaction.
- the agreement might provide different levels of confidentiality, and set up different levels or types of compensation tied to transactions falling within the different levels for a given time period.
- One level of confidentiality might restrict distribution of any information concerning a transaction by the money source to any third party. For example, a user might want strict confidentiality of any transaction involving medical services, and would not want the money source to divulge that information to any party unless legally required to do so. Or, maybe the user does not want any third party to learn of any transaction that exceeds a certain dollar amount, for fear of a potential deluge of unsolicited advertising. A user might pay a monthly fee for use of this option, a transaction based fee, or no fee at all.
- a second level of confidentiality might permit distribution of any information concerning a transaction by the money source to any third party. Such information is potentially valuable for purposes of advertising, and creating profiles for targeted marketing, and the money source might even pay the user for the right to sell such information.
- a third level might permit distribution of certain information concerning a transaction (such as the payee, the amount of purchase, the date of purchase, and a profile of the user), but restrict distribution of other information concerning a transaction (such as the identity of the user).
- Another level of confidentiality might restrict distribution of information concerning a transaction to any third party, but allow the money source to use such information for its own marketing efforts directed to the user.
- the present disclosure is related to the concept of customer one-time unique purchase order numbers (“Coupons”) as described in U.S. Ser. No. 09/640,044.
- An algorithm is executed that uses a user account number, a customer sequence number, a customer permutated user key, and a Transaction Information Block (TIB) as input variables to form an SCN that is correlated with a sequence number.
- TIB Transaction Information Block
- TDES Triple Data Encryption Standards
- a random number generator generates the user insertion key that is correlated with the sequence number.
- the TIB may provide several pieces of information, including the conditions under which the SCN will be valid (i.e., the SCN type), additional account identification information, and the status of the device used for SCN generation.
- the sequence number can be changed after each SCN is generated and a new SCN can then be generated using a new user insertion variable correlated to the changed sequence number.
- an SCN After an SCN is generated, it is transferred with a first entity identifier to a second entity (which can actually be several entities), which then transfers the information to a money source.
- An individual SCN is verified as being valid by the money source by duplicating the generation of the customer permutated user key for the specified first entity and the specified sequence number, and then comparing it to the customer permutated user key which is embedded in the provided SCN. Additionally, the money source verifies that the specified SCN type is valid given the specific conditions of the transaction. Once verified as valid, each SCN passes through a life cycle in accordance with conventional credit card processing practices and with its SCN type, in which it may be used for various types of transactions before being retired. If a preselected number of SCNs are received by the money source and determined to be invalid (either consecutively or within a predetermined timeframe), then an invalid user account number condition is set to prevent further attempts to verify SCNs for that first entity.
- a user key can be entered into an input device which validates the user key by comparing it to a stored user key. If the entered user key is valid, the user can generate an SCN. The sequence number changes each time a user key is entered into the input device.
- a preferred embodiment of this disclosure is adapted for use in credit card transactions, and as such can be used in connection with a wide variety of instruments that can be used in connection with such financial transactions: electronic cards, software programs used in network applications, telephones (especially telephones used in what is now being referred to as m-commerce, or mobile commerce), or even physical imprint transactions. Moreover, it can be used whether such transactions are conducted in person, face-to-face, or whether such transactions are conducted by an indirect medium, such as a mail order transaction, a transaction conducted over a computer network (for example, the Internet), or a telephone transaction.
- an indirect medium such as a mail order transaction, a transaction conducted over a computer network (for example, the Internet), or a telephone transaction.
- a party presents a credit card account number with the intent to initiate a monetary payment (or credit/return). In the context of the following description, this is the first entity or customer. Another party receives the credit card account number with the intent to receive a monetary payment (or credit/return), and this party can be a single party or two or more parties. In the context of the following description, the party or parties that are receiving the credit card account number are referred to as the second entity or merchant Finally, there is at least one party, and usually multiple parties, that serve as intermediaries to the monetary payment (or credit/return).
- the second entity provides the credit card account number to this party over several transactions to effect the monetary payment (or credit/return): authorization, incremental authorization, authorization reversal, settlement, and credit/return.
- the intermediary group of one or more parties will be referred to in the context of the following description as a money source.
- the money source may be one or more banks, a credit card company or any other institution involved with issuance of credit cards or bank debit cards, such as a credit union or other institution, or a money source as described in U.S. Pat. No. 5,913,203.
- the first entity need not use a real identity, the first entity must establish an account with a money source. When the account is established, the first entity and the money source must agree upon a payment mechanism or protocol. In the case of a credit card or a bank card, this could be done in the same fashion as exists today, and the first entity could select a fictitious account name as is explained in greater detail in co-pending U.S. patent application Ser. No. 09/619,859. It is especially preferred that two different users not be allowed to select the same fictitious account name so that a fictitious account name also represents a unique identifier. However, the preferred embodiment could also be used in connection with a prepaid account. In such a scenario, the first entity could simply purchase a prepaid card and no real identity would ever be required.
- a user key When the first entity establishes an account with the money source, a user key must be selected.
- the user key can be a PIN, similar to that which is currently in widespread use in the United States in connection with automated teller machines.
- Both the first entity and the money source must have access to the user key, which can be selected by either entity.
- the money source In order to be able to retrieve this user key, the money source must create a record associated with the first entity that includes the user key and a first entity identifier (whether this be the real name of the first entity or a fictitious account name).
- the first entity Once the first entity has established an account with the money source and a user key has been selected, the first entity must be supplied with the means to generate a customer SCN. As already described, this could be hardware or software, but in either case it will include a user account number, a customer random number generator that will be used to generate user insertion keys that are correlated with a customer sequence number, and TDES encryption keys.
- the TDES encryption standard is the accepted standard for protecting a PIN during data transmission of financial transactions, as described by ISO 9564-1-1991 (Banking—Personal Identification Number Management and Security—PIN Protection Principles and Techniques, Section 6.2), ISO 9564-2-1991 (Banking—Personal Identification Number Management and Security—Approved Algorithms for PIN Encipherment), ANSI X9.52-1998 (Triple Data Encryption Algorithm—Modes of Operation), and FIPS PUB 46-3 (Data Encryption Standard (DES), dated 1999), the disclosures of which are specifically incorporated herein by reference.
- ISO 9564-1-1991 Banking—Personal Identification Number Management and Security—PIN Protection Principles and Techniques, Section 6.2
- ISO 9564-2-1991 Banking—Personal Identification Number Management and Security—Approved Algorithms for PIN Encipherment
- ANSI X9.52-1998 Triple Data Encryption Algorithm—Modes of Operation
- a customer random number generator such as the one that is described in U.S. patent application Ser. No. 09/640,044, filed Aug. 15, 2000 and which is generally known as a Linear Congruential Generator (LCG), is used for this purpose.
- This random number generator is algorithmic (i.e., pseudo-random)—when starting with the same set of seeds, it always produces the same sequence of numbers. It can therefore be reproduced by the money source in order to validate a given SCN.
- each of the values in the sequence can be identified by a Counter value that indicates that number's location in the sequence.
- the set of random numbers generated and combined with the PIN are collectively referred to as the Sequence Insertion Number (SIN).
- the money source method of SCN validation must be based on an embedded sequence value.
- the Counter value is used for this purpose in the preferred embodiment.
- this method can be used to generate SCNs of many different lengths.
- a credit card number is typically 16 digits in length.
- Such a number comprises three sub-numbers: a 6 digit Bank Identification Number (BIN), a 9-digit account number, and a 1-digit checksum number.
- BIN Bank Identification Number
- the SCN could be 9 digits in length, and could take the place of the account number in the conventional 16-digit credit card number.
- the 9-digit SCN itself comprises three sub-numbers: a 1 digit TIB, a 4 digit Counter Block (which identifies the random number being used for encryption), and a 4 digit encrypted PIN Block.
- the 1 digit TIB may take on up to 10 different values, each of which may indicate multiple pieces of information.
- the TIB can be used to determine which of a plurality of account numbers associated with the first entity should be used for the first transaction.
- the account numbers can represent, for example, different credit card accounts or different payment or credit cards.
- a first account number might be associated with the TIB value of 0, a second account number might be associated with the values of 1 and 2, a third account number might be associated with values of 3 and 4, and so forth, wherein any odd value may be restricted to a one transaction limitation while any even value may be used to invoke permission for multiple transactions at a single merchant.
- a TIB value of 0 indicates that the SCN may only be used for one transaction; any attempts to use it for subsequent transactions will result in a transaction denial from the money source.
- a value of 1 indicates the same transaction restrictions as 0, but also indicates that the device generating the SCN has a low battery power condition.
- a low battery power condition can be detected by a diagnostic program or it can be extrapolated from an empirical record (or counter) of the number of transactions presented for authorization. The transaction counter used to extrapolate a low batter power condition can be collected from the firmware used to generate SCNs or from software behind the money source firewall.
- a value of 2 indicates that the SCN may be used for multiple transactions, but only at a single merchant; any attempts to use it for subsequent transactions at a different merchant will result in a transaction denial from the money source.
- a value of 3 indicates the same transaction restrictions as 1, but also indicates that the device generating the SCN has a low battery power condition.
- a set of TIB values (4, 5, 6, 7) might represent the same restriction and status information as (0, 1, 2, 3), respectively, but further indicate that the transaction is associated with a different subentity (e.g., the first entity identifier identifies a married couple, and the TIB identifies each individual spouse.)
- Other values might also be used to enforce additional transaction restrictions in ways readily apparent to those skilled in the art.
- the TIB can also be used by the money source to uniquely identify a physical device (such as an electronic card) used to generate the SCN.
- This aspect of the TIB is especially useful when the money source issues more than one card to a first entity. Multiple cards might be issued to the same person (i.e., the first entity) for different uses, or multiple cards might be issued to the same person for use by different individuals (such as family members). In such instances, the TIB can identify which physical card, issued to the first entity, is used for a given transaction. When the TIB is used in this way, the TIB can be used as a customization variable to recognize multiple cards otherwise issued to a single first entity (which might also be a legal entity, such as a corporation).
- the 4-digit Counter Block is unencrypted information provided so that the money source may decrypt and validate the SCN. It may be simply the actual Counter value (incremented after each use), but in the preferred embodiment, it is created by adding the Counter value to a starting value known to both the first entity and to the money source.
- the 4-digit PIN Block is the encrypted information that is used to validate the fact that the SCN originated from the first entity.
- the PIN Block is formed using the PIN, the SIN, and a starting value known to both the first entity and to the money source. It is encrypted using TDES, which requires use of three 64-bit keys known to both the first entity and to the money source. In order to encrypt such a small number (16 bits) with such a high level of encryption (158 bits), the PIN must first be expanded to a 64 bit number, then encrypted, and finally reduced back to a 16 bit number—and in such a way that it is guaranteed to be different for each transaction.
- the SIN is the product of an LCG random number generator that is initialized with three 2-byte integer seeds—the result of operating the LCG on these seeds is a 2-byte random value.
- the 8-byte SIN consists of the three seeds plus the random value.
- the LCG also produces three new seeds, which will be used for the next iteration of the LCG algorithm.
- the SIN may therefore be associated with a Counter value that indicates a unique location in the sequence of seeds and value generated by the LCG. This SIN is used as the random basis for each successively TDES-encrypted PIN Block, and guarantees a properly encrypted PIN Block for each transaction.
- the Counter value stored in the Counter block is the one associated with the SIN used as the random basis for the PIN Block.
- the creation of the PIN Block starts by dividing the 8-byte SIN into four 2-byte integers.
- the PIN and a predefined constant value are both added to each individual 2-byte integer.
- the results are then concatenated back again to form an 8-byte input block to the TDES algorithm, which encrypts them into an 8-byte output block.
- the output block is then divided back into four 2-byte integers (x1, x2, x3, x4). These four values are then used in the following formula to produce the 4-digit PIN Block value P:
- the four values (A,B,C,D) are each odd integers.
- the “mod” calculation is a standard modulo arithmetic operation, and works as follows: if the resulting number is greater than 10,000 (or 20,000 or 30,000, etc.), then the value of 10,000 (or 20,000 or 30,000, etc.) is subtracted from it, leaving a positive four digit value.
- the SCN is transmitted along with the first entity identifier from the first entity to the second entity and, subsequently, to the money source.
- the SCN is used in an account number that replaces the conventional credit card number
- the first entity identifier is a static 9 digit number pre-assigned to the first entity that is transferred to the money source in a non-account data field.
- the first entity identifier is dynamically encoded onto Track 1 and/or Track 2 of the magnetic stripe in the area known as the Discretionary Data Field, which comprises up to 13 digits of information.
- the first entity identifier is transmitted as part of the Billing Address field in one of many possible forms. For example, it may be entered as “P.O. Box ⁇ first-entity-identifier”.
- the SCN is not used in an account number to replace the conventional credit card number, but is instead used in conjunction with it—the conventional credit card number itself functions as the first entity identifier, and the SCN is used as a dynamic digital signature to positively identify the first entity and is transferred to the money source in a non-account field of data.
- the SCN is transmitted either in the Discretionary Data Field of Track 1 and/or Track 2 or via the Billing Address in a card-not-present transaction.
- the Money Source validates the SCN by using the first entity identifier to lookup the information necessary to reproduce the PIN Block encryption for the first entity: the TDES keys, the LCG Seeds, and the PIN.
- the Money source determines the Counter value by examining the Counter Block, reproduces the calculation of the PIN Block, and then compares the results to the received PIN Block to perform the actual validation.
- the Money Source also validates the usage of the SCN based on the embedded TIB. It therefore enforces the various policies based on the first entity's previous transaction history: single-use, multiple-use for single merchant, card-present only.
- the SCN when used in an account number in place of the conventional credit card number, it passes through the standard credit card transaction life-cycle: initial authorization, potential incremental authorization, potential authorization reversal, settlement, and potential credit/return.
- the SCN is only used for initial authorization—beyond that, the Money Source performs its standard transaction processing.
- the Money Source may detect fraudulent transaction attempts in various ways. In both the embodiment where the SCN replaces the conventional credit card number, the Money Source may check for re-use of single-use SCNs, use of SCNs without first entity identifiers when the card is not present, re-use of multiple-use/single-merchant SCNs at a different merchant, or SCNs with invalid PIN Blocks. Each of these cases represents a different type of fraud. The Money Source may take various actions in response to each of these types of attacks, such as disabling the account after an excessive number of fraudulent transaction attempts, or returning the code indicating that the merchant should retain the credit card being used for the transaction.
- the Money Source detects fraudulent authorization attempts such as re-use of single-use SCNs, re-use of multiple-use/single-merchant SCNs at a different merchant, SCNs with invalid PIN Blocks, or use of the conventional credit card number on an SCN-enabled account without inclusion of an SCN when the card is not-present.
- This last case covers simple Internet fraud attempts, but allows, for example, a manual-entry transaction at a POS machine or an imprint transaction.
- the Money Source may take the same types of actions as described above.
- the preferred embodiment allows the SCN, when paired with a conventional credit card number, to be validated by back-end software that is integrated with the issuing money source's authorization and settlement processing.
- An issuing money source can identify an SCN-enabled credit card account in an issuer-determined fashion (e.g., a unique Bank Identification Number). It then forwards select transaction information to the SCN-enabling software, which is installed behind the issuing money source's firewall, which validates the SCN.
- This means that software generating the SCN can be allowed operate in isolation—it does not have to be in communication with the back-end software—and thus it can be embedded in a credit card or other standalone device.
- the inventions described above can be implemented by a money source for use with an electronic card. It is preferable that every user account utilizes the same Pseudo Random Number Generator (PRNG), such as the PRNG described in P. L′Ecuyer, “Efficient and Portable Combined Random Number Generators”, Communications of the ACM, 31(6):742-749,774, 1988, the disclosure of which is specifically incorporated herein by reference.
- PRNG Pseudo Random Number Generator
- each cardholder account has a different initial seed, and thus uses a different part of the PRNG sequence. Since the PRNG has an overall period of 10.sup.12, there is ample room for each account to have its own non-repeating subsequence of 10,000 values.
- the PRNG is divided into two parts: seed generation (Formula 2) and value calculation (Formula 3).
- the set (S.sub.x.sup.0, S.sub.x.sup.1, S.sub.x.sup.2) is a triplet of five-digit values in the range ([1, 32362], [1, 31726], [1, 31656])), and represents the seed in the x.sup.th location in the sequence.
- Z is interim storage for the pseudo random number
- PRNG[x] indicates the pseudo random number in the x.sup.th location in the sequence. Note that for the practical usage of this algorithm, “x” corresponds to the current Counter value.
- Formula 2 For each transaction, Formula 2 generates the seed (based on the previous seed) and Formula 3 generates the PRNG value.
- the initial PRNG seed (which generates value 0 in the PRNG sequence) is pre-assigned to the card. Additionally, the most recently used seed is stored in Random Access Memory (RAM).
- RAM Random Access Memory
- the card runs through both Formulas 2 and 3 exactly once, and then updates the seed storage in RAM.
- the Counter value is also stored in RAM, and is initialized to the value of 1 at the time the card is manufactured. Multiple values of the Counter are stored to detect accidental corruption. Each time an SCN is generated, the current value of the Counter is used. The Counter is then incremented by 1, and stored again for the next use.
- the SCN is calculated in an algorithmic fashion, it is possible to pre-calculate the values for a given first entity, and store them on an electronic card. This embodiment is most useful where it is more advantageous to store a large amount of data on the electronic card than it is to perform the algorithms discussed above.
- this disclosure teaches a method for providing one or more secure transactions between a first entity and at least one additional entity, comprising the steps of (1) using an electronic card to generate a Secure Card Number (“SCN”) for the first entity, wherein the SCN is comprised of (a) a Transaction Information Block (“TIB”); (b) a Counter Block; and (c) an encrypted Personal Identification Number (“PIN”) Block; (2) transferring the SCN and a first entity identifier to a second entity in a first transaction; (3) transferring the SCN and the first entity identifier from the second entity to a money source; and (4) verifying that the first transaction is valid with the money source by use of the first entity identifier and the SCN; wherein the TIB can be used for invoking one or more restrictions on use of the SCN; and wherein the TIB is used by the money source to determine whether the device which generated the SCN has changed status condition.
- SCN Secure Card Number
- the changed status condition can be a low battery condition detected by a diagnostic program or by using an empirical record of the number of transactions presented for authorization and determination of the low battery condition can be made by the electronic card which also keeps the empirical record. Alternatively, determination of the low battery condition is made by the money source which the empirical record.
- the changed status condition can also be an invalid user input status.
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- Finance (AREA)
- Computer Networks & Wireless Communication (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Computer Security & Cryptography (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Credit Cards Or The Like (AREA)
- Signal Processing For Digital Recording And Reproducing (AREA)
Abstract
Methods for providing secure transactions in which a customization parameter and an encrypted transaction validation code are received from a user to positively identify a transaction for a user who has a first entity identifier. The validation code and first entity identifier are used by a money source which electronically verifies that the transaction is valid by use of the first entity identifier and the validation code while the first transaction is customized through use of the customization parameter.
Description
- The present application is a continuation application of U.S. patent application Ser. No. 10/968,401, filed Oct. 18, 2004, which was a continuation application of U.S. patent application Ser. No. 09/960,714, filed Sep. 21, 2001, which was a continuation-in-part application of U.S. application Ser. Nos. 09/667,081 and 09/667,089, filed Sep. 21, 2000, which are continuation-in-part applications of U.S. Ser. No. 09/659,434, filed Sep. 8, 2000, which is a continuation-in-part of U.S. Ser. No. 09/640,044, filed Aug. 15, 2000, which is a continuation-in-part of U.S. Ser. No. 09/619,859, filed Jul. 20, 2000, which is a continuation-in-part of U.S. Pat. No. 6,592,044, all of which disclosures are specifically incorporated herein by reference. The present application' is also related to U.S. patent application Ser. Nos. 09/667,835, 09/667,089, and 09/667,082, all of which were filed on Sep. 21, 2000, and all of which are specifically incorporated herein by reference.
- The present invention is in the field of methods for customizing secured transactions between multiple parties that are verified by a money source.
- Three forms of money in widespread use today throughout the world are cash, checks and payment cards (debit or credit). Each has distinct advantages, and distinct disadvantages. Cash is readily accepted, easy to use and anonymous, but it does not earn interest, it can be lost or stolen, and it is not always readily accessible. Checks are not always accepted, but they offer many advantages, since they do not have to be written until the time of payment. However, they must be physically presented and they are not anonymous. Payment cards are readily, but not always, accepted, and they offer many advantages over checks. If the card is a credit card, payment can be deferred, but the transaction is not anonymous. If the card is a debit card, payment has usually been made prior to its use, but it is anonymous. Accordingly, it is apparent that different types of money have different advantages to different persons in different situations. This may be one reason why all these forms of money are still in widespread use, and are even used by the same persons at different times.
- As society and international commerce have become more dependent upon electronic transactions, money has also become more electronic. Many attempts have been made to come up with suitable forms of electronic money that mimic the physical world, or even create new forms of electronic money. However, despite the enormous need for such money, and efforts by some of the best minds and most successful companies in the world, electronic money has suffered many setbacks and been far slower to materialize than many had hoped or predicted. The reasons are many and varied, but some of the obvious reasons are security, ease of use/operation, and unwillingness of the public and/or commerce to make radical changes or embrace new technology and/or procedures. As a result, many efforts, including several potentially promising efforts, have met with failure.
- Even though new forms of electronic money have been slow to develop or gain widespread acceptance, electronic payments have still moved forward. Many banks now offer some form of electronic checking. And payment cards have been used for electronic transactions in e-commerce and m-commerce (mobile commerce). Still, there is widespread concern about the safety of such transactions, and recent news stories have uncovered widespread fraudulent activity associated with use of traditional credit card numbers in e-commerce over the Internet. In addition, there is growing concern about consumer privacy, or lack thereof, due to widespread electronic profiling of consumers who make electronic payments.
- Although the media has been quick to cover fraud associated with use of credit cards over the Internet, it is often overlooked, at least by the public and the media (but not the credit card companies), that the majority of fraudulent activity concerning credit cards is not associated with e-commerce activity. Most fraud occurs in the “brick and mortar” world, and the numbers are daunting. Despite many attempts to combat unauthorized or fraudulent use of credit cards, it is estimated that credit card fraud now exceeds hundreds of millions, if not several billion, dollars per year. And this does not even count the cost of inconvenience to consumers, merchants and credit card issuer/providers, or the emotional distress caused to victims of such fraud, or the cost to society in terms of law enforcement and preventative activities.
- Accordingly, there is a very real, long-felt need to reduce the amount of fraudulent activity that is associated with credit cards, and this need has only grown more acute as consumers and commerce search for better ways to purchase and sell goods and services via e-commerce and m-commerce. However, any solution needs to be something that is acceptable to the public at large. It should be easy to use. It should not be complicated or expensive to implement. Preferably, it should fit within the existing infrastructure, and not be something that requires a great deal of educational effort, or a radical change in behavior or habits of consumers. In other words, it should be user friendly, readily understandable and something that does not require a completely new infrastructure, which is a reason suggested by some as to why smart cards have not been widely accepted in the United States.
- In addition, it is highly desirable that any solution to such problems be capable of widespread use, in many different platforms, for many different applications.
- In U.S. Pat. No. 5,956,699 issued in September of 1999, Wong and Anderson were the first to introduce the methodology of a system for secure and anonymous credit card transactions on the Internet. This patent introduced a system which used an algorithm to use one's own selected Personal Identification Number or PIN as one's own de facto digital signature. The algorithm instructs the cardholder how to insert one's PIN into one's valid credit card number before using it for any transactions on the Internet. The resultant scrambled up credit card number, which is tailored by the algorithm to having the same number of digits as before, is rendered useless on the Internet because the PIN insertion algorithm is changed automatically after every transaction. This methodology is not only capable of drastically reducing credit card fraud on the Internet, it is also capable of safeguarding one's anonymity, and thus privacy, in credit card purchases on the Internet.
- Since the issuance of U.S. Pat. No. 5,956,699, Wong and Anderson have also invented an anonymous electronic card for generating personal Coupons useful in commercial and security transactions, as well as various methods related to earlier work.
- The present invention is generally directed to methods for providing one or more secure transactions between a first entity and an additional entity. In each method, a customization parameter is received from the first entity along with an encrypted transaction validation code which positively identifies a transaction for the first entity who has a first entity identifier. The validation code and the first entity identifier are used by a money source which electronically verifies that the first transaction is valid by use of the first entity identifier and the validation code while the first transaction is customized through use of the customization parameter. In one method the first entity identifier can be transferred to the money source as an account number and the validation code can be transferred to the money in a non-account data field. In a second method the money source validates the validation code by duplicating the encryption process used to create the validation code and then compares the result to the validation code received with the first transaction. In a third method the validation code is, at least in part, encrypted, and the money source validates the validation code by duplicating a validation code encryption process and by then comparing the result to the validation code received with the first transaction.
- The customization variable can be used to select between a first handling option and a second handling option between the money source and the first entity. For example, such options can be mechanisms to bill a first account and a separate second account and the user can be sent a single bill for charges to both accounts, or separate bills. The two accounts can be credit accounts established with different money sources. The handling options can provide different mechanisms for dealing with distribution of information concerning different transactions, such as restricting the distribution of information from the money source to a third party for any transaction in which the user payment card number is generated by use of the a first user key or restricting distribution of personal information of the user relating to any payment card transaction, and the user may either provide or receive consideration for such handling options, Different handling options may be invoked by use of a second user key. The handling options can also provide a mechanism for classifying the nature of card transactions, such as noting personal transactions or identifying different users, and approval of a transaction can be subject to different restrictions depending upon whom the user is. The handling options can also be used to control what information is reported about a transaction in a billing statement.
- The validation code can be formed by using a Triple Data Encryption Standard algorithm (“TEDS”). The money source can obtain the customization variable from the validation code and the customization variable can be received through use of at least one button.
- Accordingly, it is a primary object of the present invention to provide improved methods for providing more secure transactions between multiple entities.
- This and further objects and advantages will be apparent to those skilled in the art in connection with the detailed description of the preferred embodiments set forth below.
-
FIG. 1 is a physical layout of a preferred embodiment of a Universal Anonymous Credit Card (UACC) disclosed in U.S. Pat. No. 6,592,044 which is one electronic card useful in accordance with the present invention. -
FIG. 2 is a system block diagram of a preferred embodiment of the Universal anonymous Credit card (UACC) useful in accordance with the present invention. -
FIG. 3 is a physical layout of a preferred embodiment of the Universal anonymous Credit Card (UACC) useful in accordance with the present invention. -
FIG. 4 shows an un-coded magnetic stripe likened to a series of aligned South-North magnetic domains. -
FIG. 5 shows a sudden introduction of a strong magnet having an opposite orientation on top of a magnetic domain of the magnetic stripe causing flux reversals. -
FIG. 6 shows flux reversals caused by sudden introduction of strong magnet having opposite magnetic orientation on top of a magnetic domain in a magnetic stripe. -
FIG. 7A is an un-coded portion of a track of a magnetic stripe having 5 bit cells showing no flux reversals. -
FIG. 7B shows a representation of all “0”, all “1” and “0” and “1” side by side according to the Aiken Biphase encoding code. -
FIG. 7C shows a representation of decimals “0”, “5” and “9” in the Aiken Biphase encoding standard. -
FIG. 7D shows one embodiment of an encoder head of the present invention. -
FIG. 8 shows one embodiment of an encoder of the present invention with drive electronics and logic. -
FIG. 9 is a simplified, schematic diagram of one embodiment used to generate a customer one-time unique purchase order number by a customer. - The present invention is related to U.S. Pat. Nos. 5,913,203, 5,937,394 and 5,956,699, the disclosures of which are all specifically incorporated herein by reference.
- U.S. Pat. No. 6,592,044 provides the following disclosure of an electronic card.
- A unitary, self-contained electronic device is provided having physical planar dimensions that are essentially identical to those of a conventional magnetic stripe credit card, which is widely used in electronic commerce today. The device has seven basic components, although it is possible to combine some of these components together.
- The first component is the card base. The other components, in one way or another, are attached to this base.
- The second component is a computer. It is preferable that the computer be a single integrated chip, but it need not be A computer typically contains a central processing unit connected to both storage memory and random access memory (RAM). RAM is used to load and run application programs as well as for storing data during run time. The storage memory can hold a variety of computer programs.
- The third component is a display controlled by the computer. In the preferred embodiment, this is a liquid crystal display (LCD). The LCD can be controlled by a LCD driver, and the LCD driver can be contained in storage memory of the computer. In an alternative embodiment, the third component could be an electronic ink display, which is a novel and newly available display medium. The electronic ink display can be fabricated with highly flexible physical dimensions, especially in thickness, which is likened to a thin piece of paper and also much cheaper to manufacture than conventional LCD display.
- The fourth component is an input mechanism. In the preferred embodiment, this is a keypad. However, it is possible that the input mechanism might rely upon voice recognition as this technology becomes more and more developed.
- The fifth component is a magnetic storage medium. In the preferred embodiment, this is a magnetic stripe.
- The sixth component is an encoder for generating a data packet that is stored in a designated portion of the magnetic storage medium. This component is what allows the electronic device to be dynamic by relying upon an input to generate the data packet.
- The seventh component is a power source. In the preferred embodiment, this is a battery or a solar cell.
- A primary function of this electronic device, which shall be referred to as the Universal Anonymous Credit Card (UACC), is to allow a credit cardholder to execute secure and anonymous credit card transactions on and off the Internet in accordance with the teachings of U.S. Pat. No. 5,956,699. This can be done in a system and in methodology in which merchants no longer have access to the cardholder's real name, address and the actual valid credit card number. Such an effectual personal encryption does not however, prevent the additional use of an Internet standard encryption such as SSL or SET for online data exchanges. The latter will simply make such online transactions even more secured.
- For purposes of clarification and illustration, an example of an application that uses the methodology taught in U.S. Pat. No. 5,956,699 is presented here. Assume that the valid credit card number (VCCN) and the PIN number are, respectively: VCCN=4678 0123 4567 8012 1200 PIN=2468
- Next, assume that the application uses an algorithm that first deletes four (4) digits from the VCCN and then inserts in their place the PIN according to the insertion sequence indicated by a so-called PIN Sequence Insertion Number (PSIN) in order to come up with the scrambled Anonymous Credit Card Number (ACCN), also containing 20 digits. The 4-digit PSIN number can either be chosen by the cardholder or assigned by the issuer. Let us assume for this example that the cardholder's PSIN is 1357.
- Next, assume that the algorithm only operates on
digits 5 through 6 of the VCCN. This takes into account the fact that the first 4 digits of the standard VCCN denote the identification of the credit card issuer and the last 4 digits of the standard VCCN are reserved for the expiration date, all of which should be left undisturbed. Thus, it is the middle 12 digits that indicate the account number for the cardholder of the VCCN. Therefore, the algorithm calls for the cardholder to first delete the last four digits of the 12-digit account number. In this example the 4 digits to be deleted will be “8012”. The 8-digit number before the cardholder PIN is inserted according to the cardholder's PSIN is “0123 4567”. - Now the algorithm defines the numbering convention of the digit positions in the ACCN. The first digit position is defined as the zeroth (0.sup.th) and the second is the first (1.sup.st) etc. Thus, according to the PISN 1357, the PIN 2468 should be inserted to form the ACCN as follows: ACCN=4678 021426384567 1200
- The 4 digits of the PIN=2468 occupy, respectively, the 1.sup.st, 3.sup.rd, 5.sup.th and 7.sup.th positions (according to PISN=1357) using the defined digit position numbering convention. In a simpler algorithm for inserting the PIN, the PIN number itself can act effectively as the PSIN so that the cardholder does not have to remember two numbers. Using such an algorithm, in the example above, the ACCN will now be: ACCN=4678 012243648567 1200
- The 4 digits of the PIN=2468 also occupy, respectively the 2.sup.nd, 4.sup.th, 6.sup.th and 8.sup.th positions of the ACCN (according to an implicit PSIN=PIN=2468) using the defined digit position numbering convention.
- The applications of the teachings of U.S. Pat. No. 5,956,699 just described can be used in a system that reduces fraud while protecting consumer privacy through anonymous transactions, on and off the Internet. Such a system has three main components that are provided to complete a commercial credit card transaction. First, instead of using a valid credit card number, an ACCN is used. Second, instead of using the cardholder's real name, an alias is used. The alias can be selected by the cardholder or the issuer of the credit card, but it has to be known by both. Third, instead of using a cardholder's real address, a “Proxy Agent” is used to conceal the cardholder's actual address and still comply with current credit card transaction regulations. In such a system, the use of a credit card for transactions on the Internet can be anonymous to all except the cardholder and the credit card issuer.
- In order to reduce the cost of use of the UACC, and increase the range of applications in which it can be used the UACC should have a magnetic storage medium that can be read by a standard magnetic stripe reader. This means that the magnetic storage medium must be capable of being read by a standard magnetic stripe reader. It also means that the portion of the UACC containing the magnetic storage medium must be sized such that the magnetic storage medium will work with standard magnetic stripe readers. A standard magnetic stripe reader works by passing the magnetic stripe portion of a card, such as a credit card, through the magnetic stripe reader in a swiping motion. Standard magnetic stripe readers have been prevalent in retail stores throughout the United States for many years.
- An especially preferred embodiment of the UACC will now be described in even greater detail. The especially preferred embodiment uses a standard microprocessor having its usual Central Processing Unit (CPU), Read-Only-Memory (ROM), Random-Access-Memory (RAM) and Input-Output devices (I/O), There are two types of ROMs in the UACC. The first type is a standard semiconductor ROM, ROM1, fabricated as part of the microprocessor. ROM1 stores the microprocessor operating system and also the bulk of the methodology software. The second type of ROM, ROM2, is a portion of a magnetic stripe, namely Tracks 1 and 3. ROM2 stores the relevant information about the cardholder such as primary account number VCCN name, expiration date, encrypted PIN etc. There are also two types of RAMs in the UACC. The first type of RAM, RAM1, is a standard semiconductor RAM as part of the microprocessor and needed for its normal operation. The second type of RAM, RAM2, is a portion of a magnetic stripe, namely
Track 2. RAM2 temporarily stores the encoded ACCN to be read by a standard magnetic stripe reader during a normal credit card transaction after the cardholder inputs the PIN according to the PSIN algorithm into the UACC. - The methodology software is installed into ROM1 of the microprocessor during production. A standard parallel port Input Device serves to interface a numeric keypad and other functional switches of the UACC to the microprocessor. The UACC also has two Output Devices. The first Output Device is a standard parallel output port of the microprocessor used for interfacing to it a 10—or more character alphanumeric LCD display through a driver far outputting information such as recalling from memory alias or typed in PIN verification. It is also used for production testing and repair or servicing of the UACC. The second Output Device is an integrated circuit (IC) magnetic encoder unit built into the UACC so as to encode
Track 2 of the magnetic stripe or RAM2, either statically in conjunction with the existing magnetic stripe, or dynamically without the use of the existing magnetic stripe, with the temporary ACCN information for off the Internet credit card transactions. In this especially preferred embodiment of the present invention illustrated below, only the static magnetic encoder working in conjunction with the existing magnetic stripe is described in detailed. For those skillful in the art, the dynamic thin film magnetic encoder, working without the use of the existing magnetic stripe, can also be used in the present invention as an alternative embodiment. In a preferred embodiment of the present invention, the UACC also contains a battery cell, ON/OFF and other functional switches to render it a fully functional and self-contained credit card (seeFIG. 1 ). - The UACC bridges the old economy world of brick and mortar to the new economy world of the Internet. The integrated circuit (IC) magnetic encoder with current-carrying conductive writing heads is fabricated on a flexible and ultra-thin polymer (e.g. polyimide) printed circuit board (PCB) intimately in contact with the magnetic stripe located above for data impression. The encoder driver and digital logic chips are also mounted on the flexible PCB, but in different areas to form the complete IC magnetic encoder. The IC magnetic encoder is technically compatible with conventional magnetic data transfer methodology and makes possible the fabrication of the present UACC with physical dimensions exactly like those for a regular magnetic stripe portion of a credit card.
- When the UACC is used in a retail transaction, by merely entering one's own PIN into the UACC prior to giving it to the merchant for swiping the credit card transaction, one takes full advantage of the secure and anonymous transaction afforded by the UACC. The user can first check his or her alias and entered PIN (note that the PIN is never stored in the UACC) using the LCD display on the UACC before the UACC is handed it over to the merchant. Since the cardholder has in effect already signed the transaction with a digital signature (his or her PIN), no additional hand signature is required to complete the transaction. The merchant only need receive the PIN-modified anonymous credit card number (ACCN) and the user's alias. The ACCN and the alias are read by a conventional magnetic stripe reader and are processed in exactly the same fashion as a conventional credit card number and credit cardholder name since such information can be sent to a credit card approval agent for approval of the transaction. The credit card approval agent has all of the information necessary to determine if the transaction is valid or fraudulent. The identity of the entity who authorized the credit card, as well as it expiration date, is available in the ACCN in just the same manner as it is available in a conventional credit card transaction. The card number is verified by confirming the card number contained in the ACCN as valid for the alias.
- To use the UACC for Internet transactions, a cardholder first enters the PIN into the UACC exactly like that for off the Internet transactions. Next, the cardholder continues the transaction using only the cardholders alias, the ACCN appearing in the LCD display and also the cardholder's choice of trusted delivery (optional) should the cardholder prefer to make this transaction completely anonymous. Thus, by carrying just one UACC which looks and feels exactly like a regular magnetic stripe credit card, one is now able to make old world credit card transactions like one always has done in the past. But, more importantly, one can now use the same UACC for making secure and anonymous transactions, anywhere in the world, and for both on and off the Internet transactions.
- The especially preferred embodiment of a UACC will now be described in even greater detail by reference to
FIGS. 1 through 3 . -
FIG. 1 shows the physical layout for an especially preferred embodiment of the Universal Anonymous Credit Card (UACC) 1. The areal dimensions of theUACC 1 are 3.375″.times.2.125″ or exactly those of a regular magnetic stripe credit card in use in electronic commerce today. The thickness of theUACC 1 varies from about 0.030″ at the top where the magnetic stripe resides to 0.030″-0.060″ for the rest of the card dependent upon the thickness of the LCD used (seeFIG. 1 ). Besides the ON/OFF switch 3, thefront side 2 of thisUACC 1 has five (5) more functional switches, 4-8, labeled and defined as follows: ATM (switch 4)=Reserved for Automatic Teller Machine (ATM) card ACC (switch 5)=Reserved for Anonymous Credit Card (ACC or A-Card) IC (switch 6)=Reserved for Internet Type II Cash MC (switch 7)=Reserved for standard Magnetic Stripe Credit Card BC (switch 8)=Reserved for A-Card transactions using bar codes. - In addition to the switches 3-8, there is a 12-
character keypad 9. The primary function of thekeypad 9 is for the cardholder to enter the PIN into theUACC 1 for generating the ACCN for on and off Internet commerce transactions. There is also a 10- or more character alphanumeric liquid crystal display (LCD) 10 on thefront side 2 of theUACC 1. ThisLCD 10 displays the alias and the ACCN for use for Internet commerce transactions or the alias and bar code representing the ACCN after the cardholder's PIN is entered. The display of the ACCN will automatically erase itself after about 2 minutes to avoid exposing significant information to third parties. - At the top of the
back side 11 ofUACC 1 is a standard 3-trackmagnetic stripe 12 found in every common magnetic stripe credit card in use today. Track-113 and track-314 are used to store the relevant information about the cardholder such as primary account number VCCN, name, expiration date, encrypted PIN etc. Track-215 of themagnetic stripe 12 normally contains only the cardholder's VCCN to be read by a magnetic stripe reader at the merchant's site. For the present UACC device, the ACCN, instead of the VCCN, will be generated on command by entering the PIN with the appropriate function switch “MC” 7 by aspecial encoder 16 located at a designated location underneath themagnetic strip 12. As will be explained in more detail below, the generated ACCN which resides temporarily on Track-215 of themagnetic stripe 12 will disappear automatically 2 minutes after it is being generated. This is to ensure that no significant information about the credit card account stays long enough for fraudsters to steal for committing subsequent credit card frauds. - The system block diagram for the especially preferred embodiment of the present invention is shown in
FIG. 2 . At the center of the system is a conventional 16-bit microprocessor 16 comprising a Central Processing Unit (CPU) 17, a Read-Only-Memory (ROM1) 18, a Random Access Memory (RAM1) 19, a 16-bit parallel Input Port (Input) 20 and a 16-bit parallel Output Port (Output) 21. Themicroprocessor 16 receives inputs throughInput 20 from a bank offunctional switches 22, which containsswitches 4 through 8. The microprocessor also receives inputs from a 12-character keypad 9 throughInput 20. Outputs from themicroprocessor 16 emanate fromOutput 21 through aLCD display driver 23 to reach the 10- or more characteralphanumeric LCD display 10 and also through anencoder driver 24 to reach a designated location of Track-215 of themagnetic stripe 12. Such a designated location of Track-215, where theencoder 25 is positioned, serves as a second RAM, RAM2, for themicroprocessor 16. RAM2 stores the encoded ACCN needed for offline credit card transactions to be read by the merchant's standard decoding equipment very much like a conventional magnetic stripe credit card. - The software program for implementing the methodology provided by U.S. Pat. No. 5,956,699 for the cardholder to execute secured and anonymous credit card transactions on and off the Internet is installed into ROM118 of the
microprocessor 16 during production of the current UACC unit. Information pertaining to the cardholder is encoded onto Track-113 and Track-314 of themagnetic stripe 12 which serves as an independent ROM, ROM2, for the UACC unit. Since information stored in ROM2 will be read with a standard magnetic stripe reader, it operates independently of themicroprocessor 16. Abattery supply 26 withcontacts 27, controlled by the ON/OFF switch 3, completes the UACC system. The battery supply provides power to all the components of the UACC system, including themicroprocessor 16,LCD display driver 23,encoder driver 24,LCD display 10 and thekeypad 9. -
FIG. 3 shows the physical layout and construction for the especially preferred embodiment of the present UACC device. All the electronic components of the system, namely themicroprocessor 16, theLCD display 10, thekeypad 9,LCD display driver 23,encoder driver 24,encoder 25, functional switches 4-8, ON/OFF switch 3 andbattery contacts 27 withbattery cell 26, are fabricated on a flexible multi-layered printedcircuit board 28. The flexible printedcircuit board 28 with all the loaded components is then encapsulated in plastic into thin 29 and thick 30 parallel sections as shown inFIG. 3 . The thickness of thethin section 29 where theconventional magnet stripe 12 will be fabricated on top of the encoder 25 (to be explained in more detail below) on the backside is about 0.030″, the same thickness as the magnetic stripe credit cards in use today. The plastic encapsulated thick section 30 (seeFIG. 3 ), while holding the fully-loaded flexible printedcircuit board 28 in place, allows the ON/OFF switch 3, functional switches 4-8 and thekeypad 9 to be physically accessible (e.g. by fingers) from the front side of the UACC device. TheLCD display 10 is also directly visible from the front side. Note that the thickness of the plastic encapsulated section would also be 0.030″ thick if a polymer-backed (e.g. Mylar®) ultra-thin LCD display (0.020″ thick typical) is used. - A much simplified theory on magnetic stripe technology, especially on how to encode (write) and decode (read) digital data respectively on and off a magnetic stripe used in ordinary credit cards of today, will now be provided in order to better explain how an encoder can be fabricated and work. A magnetic stripe is made out of a thin layer of very tiny ferromagnetic particles (typically 0.5 micron long) bound together with resin and subjected to a very strong magnetizing magnetic field (known as “coercivity”) when such a stripe is printed onto a substrate. When the resin is cured or set, these tiny “magnets” are magnetically and permanently aligned (magnetized) into a series of South-North magnetic domains forming a chain of S-N, S-N . . . interfaces. The adjacent N-S magnetic fluxes of these magnetic domains are normally linked together for the entire magnetic stripe to act like a single magnet with South and North poles at its ends. In other words, an un-encoded magnetic stripe is actually a series of aligned South-North magnetic domains (see
FIG. 4 ). - If a N-N interface (instead of the normal N-S interface for un-encoded magnetic domains) is created somewhere on the stripe, the magnetic fluxes at the N-N interface will repel each other, resulting in a concentration or increase of flux lines around the N-N interface called a “flux reversal”. The same situation exists for a S-S interface as compared with a normal N-S interface. Such a situation will take place if a
strong magnetizing magnet 31 having an opposite magnetic orientation, namely N-S, is suddenly introduced on top of one of the S-Nmagnetic domains 32 of the magnetic stripe as shown inFIG. 5 . Themagnetic domain 32 will realign its magnetization as that of the strong magnet on top of it, namely N-S. Under this situation, two flux reversals have taken place, as illustrated inFIG. 6 . - The process of encoding or writing involves the creation of N-N and S-S magnetic domain interfaces, or flux reversals, and the process of decoding or reading that of detecting them. Knowing that magnetic flux lines always emanate from the North pole and terminate on the South pole, a sudden introduction of a strong magnetic field (greater than the coercivity of the magnetic domains) having a N-S magnetic orientation can magnetize a normal S-N magnetic domain into N-S orientation, resulting in the creation of a pair of flux reversals S-S and N-N, much like that shown in
FIG. 6 above. - Before proceeding to explain how the encoder of the especially preferred embodiment writes the ACCN on Track-215 of the
magnetic stripe 12, it is helpful to delve deeper into the data storage mechanics of themagnetic stripe 12 itself. As stated earlier, themagnetic stripe 12 has three tracks, namely Track-113, Track-215 and Track-314. Digital data are stored in these three tracks according to the American National Standards Institute (ANSI) and International Standards Organization (ISO) BCD (5-bit Binary Coded Decimal Format) or ALPHA (alphanumeric) standards. The ANSI/ISO standards forTracks -
TABLE I ANSI/ ISO Track Track Name Density Format Characters Function 1 IATA 210 bpi ALPHA 79 Read Name & Account 2 ABA 75 bpi BCD 40 Read Account 3 THRIFT 210 bpi BCD 107 Read Account & Encode - Track-1 13, named after the “International Air Transport Association” (IATA), contains the cardholder's name as well as account and other discretionary data, Track-2 15, “American Banking Association” (ABA), is the most commonly used. This is the track that is read by ATMs and credit card checkers. The ABA designed the specifications of this track and it is believed all major world banks abide by it. It contains the cardholder's account number, encrypted PIN, plus other discretionary data. Track-3 14 is unique and intended to have data read from and written on it. At present, it is an orphaned standard and has not been widely used to date.
- Before the encoder can write on command the ACCN on Track-2 15 of the magnetic stripe, attention must be paid to the data layout for Track-2 15, Encoding protocol specifies that each track must begin and end with a length of all Zero bits, called CLOCKING BITS. These are used to synchronize the self-clocking feature of bi-phase decoding, an industry standard. A typical Track-2 layout is shown as follows:
- 0000000000000000; 1111222233334444=9912****000000XXXX0000? The symbol “;” after the “0's” is the “START SENTINEL” according to the BCD data format. The 4 digits “1111” following is the issuer or acquiring bank's identification number. The 12 digits following is the cardholder's account number. The symbol following is the “FIELD SEPARATOR” according to BCD data format. The 4 digits “9912” following is the expiration date. The four characters following “****” are data reserved for private use. The data length “XXXX” after the string of 0's may vary and is the encrypted PIN offset. Finally the symbol “?” after another string of 0's is “END SENTINEL”.
- The location of the 12 digits that need to be encoded or written on command is represented by “2222 33334444” on Track-215 of the
magnetic stripe 12 in the example cited above. - Next, it is helpful to have an understanding of how the 12 digits are represented in BCD data format on Track-215 of the
magnetic stripe 12. According to the BCD data format, each decimal digit is coded by 5 bits. The ANSI/ISO BCD Data Format is reproduced in Table II below. Note that all 21 digits, including the field separator, namely “1111222233334444=9912”, can also be encoded on command if so desired. -
TABLE 2 ANSI/ISO BCD Data Format Data Bits Parity b1 b2 b3 b4 b5 Character1 Function 0 0 0 0 1 0 (0 H) Data 1 0 0 0 0 1 (1 H) Data 0 1 0 0 0 2 (2 H) Data 1 1 0 0 1 3 (3 H) Data 0 0 1 0 0 4 (4 H) Data 1 0 1 0 1 5 (5 H) Data 0 1 1 0 1 6 (6 H) Data 1 1 1 0 0 7 (7 H) Data 0 0 0 1 0 8 (8 H) Data 1 0 0 1 1 9 (9 H) Data 0 1 0 1 1 : (AH) Control 1 1 0 1 0 ; (BH) Start Sentinel 0 0 1 1 1 < (CH) Control 1 0 1 1 0 = (DH) Field Separator 0 1 1 1 0 > (EH) Control 1 1 1 1 1 ? (FH) End Sentinel 1Hexadecimal conversions of the data bits are given in parentheses (xH). - How BCD data is actually encoded onto Track-215 of the
magnetic stripe 12 can now be explained. Table I above notes that Track-2 has a density of 75 bits per inch (bpi). According to the ANSI/ISO BCD data format, each character is represented by 5 bits. Thus, if the encoder needs to encode 12 digits (see “222233334444” in example above), it will require a total of 60 bits. Since the density is 75 bpi, the maximum physical space available for a stationary encoder head is 0.800″. But the important dimension for the design of the encoder head is the space available for each BCD bit. In the present case, the bit dimension is 1,000 mils/75 bits or 13.33 mils (0.0133″) per bit. - At this point, it is useful to explain with the help of
FIGS. 7 A-D, how a single character or decimal digit comprising 5 bits in the ANSI/ISO BCD data format is encoded onto Track-215 of themagnetic stripe 12.FIG. 7A shows an un-encoded strip of Track-2 long enough to accommodate 5 bits of data. The physical length of this strip is 5,times.0.0133″ or 0.0667″ (66.65 mils). This un-encoded strip is divided into five segments, each representing a single bit, and each is further represented by two magnetic domains as shown inFIG. 7A . In accordance with the industry standard of encoding called Aiken Biphase, or “two frequency coherent-phase encoding”, data is encoded in “bit cells” defined above and the frequency of which is the frequency of the ‘0’ signals. ‘1’ signals are exactly twice the frequency of the ‘0’ signals. So, at least from the conventional way of decoding, the actual frequency of the data passing the ‘READ’ head will vary with the swipe speed, for the data density, control functions etc., the ‘0’ frequency, however, will always be twice the ‘0’ frequency. This is illustrated inFIG. 7B where the representation of all ‘1s’, all ‘0s’ and how ‘1’ and ‘0’ data exist side by side. Note that inFIG. 7B , the bit cell waveforms for ‘0’ and ‘1’ are the results of creating the so-called flux reversals of “N-N” or “S-S” at the magnetic domains interfaces of the un-encoded strip. For the stationary encoder of the present preferred embodiment, the encoding must be consistent with the Aiken Biphase convention because the same ‘READ’ heads will be used to decode the Track-2 data temporarily stored in UACC devices during offline (off the Internet) credit card transactions. - Consistent with the Aiken Biphase convention therefore,
FIG. 7C shows, as an illustration, how BCD decimal digits ‘0’, ‘5’ and ‘9’ would appear referenced to the un-encoded 5-bit strip ofFIG. 7A . Also shown inFIG. 7C are the orientation of the magnetic domains and the flux reversals at the domain interfaces. Thus, if an encoder head of the present preferred embodiment is designed to be on top of the magnetic domains representing the 5-bit decimal digit, it would be possible to magnetize on command the individual domains in order to create the appropriate flux reversals corresponding to the desired decimal digit. This is illustrated inFIG. 7D . The orientation of themagnetic domain 33 when un-coded is S-N as shown inFIG. 7D . The twocontact bits contact 34 to ground resulting in flipping the orientation ofmagnetic domain 33 to N-S. Meanwhile the current I− from “+V” to contact 35 is zero. Whencontact magnetic domain 33 will stay as N-S. Whencontacts contacts - In order to encode in the present example a total of 12 decimal digits, one would need to encode 5.times.12 or 60 bits of data As shown in
FIG. 7D , the encoder has to have two micro-heads per bit of data. Furthermore, each micro-head has a PLUS or MINUS polarity. If the polarity is PLUS, current will flow in one direction so as to generate a N-S magnetizing magnet. Similarly, if the polarity is MINUS, current will flow in the opposite direction so as to generate a S-N magnetizing magnet. So the encoder of the present preferred embodiment will have 2.times.60 micro-heads each with a PLUS and MINUS polarity. An especially preferred embodiment of the encoder with the driver electronics and logic is shown schematically inFIG. 8 . -
FIG. 8 shows the 12 decimal digits divided up into 60 bit cells with each bit cell comprising two magnetic domains and each having a PLUS and MINUS polarity. There are therefore a total of 120 magnetic domains that have to be addressed, each with two polarities, making it a total of 240 address lines as shown inFIG. 8 . These addresses lines are accessed in bunches of 10 (5 magnetic domains or 2½ bit cells). The address originates from using 10 bits of the 16-bit Output port 21 (seeFIG. 2 of system block diagram for UACC) and then through the encoder driver 24 (also seeFIG. 2 ) as current buffer before being connected to the 24 bunches of 10 address lines. Each of the 24 bunches of 10 address lines is accessed with a 32:1 decoder using five of the 16 bits of theOutput parallel port 21. The decoder selects one of the 24 bunches of 10 address lines via switch bank 36 (there is a total of 24 switch banks similar to switch bank 36) comprising 10 switches each. In essence, it is the switch bank that selects which of the 10 address lines out of the 24 bunches that are being connected to the output of theencoder driver 24. Thus, it is possible to encode the 12 decimal digits into a designated location of Track-215 of the magnetic stripe with commands from the microprocessor and outputted through theparallel port 21 through theencoder driver 24. Such a software command is part of the methodology algorithm taught in U.S. Pat. No. 5,956,699 and stored in ROM1 (seeFIG. 2 ) of themicroprocessor 16. The stored algorithm generates the ACCN or in essence, a “Coupon” (Customer's one-time unique purchase order number), from the valid credit card number VCCN and the cardholders PIN when inserted properly into part of the VCCN. - The manner in which the Universal Anonymous Credit Card (UACC) will work under different on and offline transaction circumstances will now be described. It is first assumed that the cardholder has opened an UACC account with an issuer or acquiring bank. The cardholder has turned over a real name, address, personal and financial information to the issuer. In return, the cardholder is assigned a valid credit card number. VCCN, a credit limit, an Alias (chosen by the cardholder) and a proxy agent, and most importantly a cardholder UACC. The issuer has to assign the cardholder a proxy agent to use instead of giving out the cardholder's address in order to comply with the existing credit card transaction regulation. After obtaining a UACC from the issuer, the cardholder is now free to do anything and everything on and off the Internet safely with full assurance that nobody will find out what, where, when and how money is being spent with the UACC card, except its issuer.
- The manner in which the cardholder can use his or her UACC to shop on the Internet will now be described. It is possible that not every online merchant will accept the UACC in the beginning, so the cardholder may have to identify those merchants that are partners with the UACC issuer bank. Otherwise, the transactions with the UACC will not be processed properly by the existing infrastructure that processes only conventional credit cards. Suppose the cardholder now wishes to purchase some merchandise from an online merchant who accepts UACC. All the cardholder has to send to the merchant's Web site online is his or her alias, a proxy agent's name assigned to the cardholder by the issuer bank, the ACCN or anonymous credit card number which will be obtained from the UACC (to be explained below), the merchandise and shipment choice. This is completely different from what the cardholder normally has to give out viz. a real name, address and the valid credit card number, should the cardholder use a regular credit card. To obtain the ACCN from his UACC device, all the cardholder has to do is to first push the button “CC” which is reserved for Anonymous Credit Card transactions, then to enter the cardholder's PIN using the keypad and then the “#” key. In the LCD display, the alias will first be scrolled across the display followed by the 10-digit ACCN. Note that the first six digits (four digits are used to identify the issuer bank and two more digits to designate a specific BIN number) and the last four digits of the ACCN always remain the same as those in the VCCN which signifies the issuer's identification and credit card BIN number, and the expiration date respectively. The cardholder can then use this ACCN to complete the transaction with the online merchant. After the cardholder finishes using the ACCN, he or she can either erase it from the LCD display by pressing “*” followed by “#” in the keypad, otherwise the ACCN will disappear from the LCD display automatically after approximately 2 minutes.
- As one can see from this transaction on the Internet using the UACC, the real name and address of the cardholder, including the credit card number itself, never appear on the Internet or even are made known to the merchant. Even though the ACCN or Coupon does appear, together with the alias of the cardholder, across the Internet during the online transaction, this ACCN or Coupon number does not stay the same, according to the methodology of U.S. Pat. No. 5,956,699, but changes automatically after every transaction or use. Thus, unlike all the other credit card transactions on the Internet today, no valid credit card numbers are actually available in transmission for theft by anybody. Only the ACCN or Coupon number will appear on any or all transaction records and that number is useless for any subsequent transactions because it is time variant.
- For off the Internet transactions, the UACC behaves just like an ordinary credit card. The only difference is that before one hands over the UACC to the merchant for charging the amount, one enters one's PIN after pushing first the “MC” button on the UACC device, which is reserved for magnetic stripe credit card transactions, and then follows it with a “#” key on the keypad. It is assumed here that the cardholder is satisfied with what is being charged on the credit card before the cardholder, in effect, “signs” it digitally in the transaction. Unlike ordinary magnetic stripe credit cards of today, no personal hand signature is needed for off the Internet transactions with the UACC. By entering the PIN, the UACC automatically encodes temporarily the ACCN onto Track-2 of the
magnetic stripe 12. The use of the resultant ACCN or Coupon is likened to the cardholder already signing the credit card with a personal digital signature for the transaction. The rest of the transaction simply follows that of a regular magnetic stripe credit card with the existing credit card processing infrastructure. - Thus, there has been described a Universal Anonymous Credit Card (UACC) device that is capable of allowing the cardholder to execute on and off the Internet secure and anonymous credit card transactions. The UACC can be used in methods for implementing an anonymous credit card transaction between a user and a merchant as is described in U.S. Ser. No. 09/619,859. An embodiment of such a method is set forth in
FIG. 9 . In accordance with this embodiment, a user must first establish a user account with a credit source. The credit source may be a bank, a credit card company or any other institution involved with issuance of credit cards or bank debit cards, such as a credit union or other institution, or a money source as described in U.S. Pat. No. 5,913,203, When the user establishes a user account with the credit source, one or more user settlement mechanisms through which the user can pay the credit source for charges and fees billed to the user account will be established. For example, in the case of credit card transactions, the user and the credit source will enter into an agreement concerning use of the credit card. As a further example, in the case of debit or electronic checking services, the user and credit source may enter into a separate agreement concerning how and from what account such debits will be debited. - After a user account is established, the credit source will create one or more user account records associated with the user account to contain a variety of information, including a user account number, a fictitious account name, a “Proxy Agent,” a user key and when applicable, a user insertion key. The fictitious account name can be selected by the cardholder or the issuer of the credit card, but it has to be known by both. The “Proxy Agent” is used to conceal the cardholder's actual address and still comply with current credit card transaction regulations—in other words, it is a fictitious address. Additional information that might typically be contained within such records includes cross references to other accounts, the user's name and the user's billing address. An electronic card, such as the UACC card, uses an algorithm to generate a valid personal charge number.
- When the electronic card is used in a retail transaction, by merely entering ones own PIN into the electronic card prior to giving it to the merchant for swiping the credit card transaction, one takes full advantage of the secure and anonymous transaction afforded by the electronic card. The user can first check his or her alias and entered PIN (note that the PIN is never stored in the electronic card) using the keypad on the electronic card before the electronic card is handed it over to the merchant. Since the cardholder has in effect already signed the transaction with a digital signature (his or her PIN), no additional hand signature is required to complete the transaction. The merchant only need receive the PIN-modified anonymous credit card number (ACCN) and the user's alias. The ACCN and the alias are read by a conventional magnetic stripe reader and are processed in exactly the same fashion as a conventional credit card number and credit cardholder name since such information can be sent to a credit card approval agent for approval of the transaction. The credit card approval agent has all of the Information necessary to determine if the transaction is valid or fraudulent. The identity of the entity who authorized the credit card, as well as It expiration date, is available in the ACCN in just the same manner as it is available in a conventional credit card transaction. The card number is verified by confirming the card number contained in the ACCN as valid for the alias.
- To use the electronic card for Internet transactions, a cardholder first enters the PIN into the electronic card exactly like that for off the Internet transactions. Next, the cardholder continues the transaction using only the cardholder's alias, the ACCN appearing in the LCD display and also the cardholders choice of trusted delivery or Proxy Agent (optional) should the cardholder prefer to make this transaction completely anonymous. Thus, by carrying just one electronic card which looks and feels exactly like a regular magnetic stripe credit card, one is now able to make old world credit card transactions like one always has done in the past. But, more importantly, one can now use the same electronic card for making secure and anonymous transactions, anywhere in the world, and for both on and off the Internet transactions.
- As is apparent from the foregoing description, the real name and address of the cardholder, including the credit card number itself, never need appear on the Internet or even need to be made known to the merchant. Even though the ACCN or Coupon (Customer One-time Unique Purchase Order Number) does appear, together with the alias of the cardholder, across the Internet during the online transaction, this ACCN or Coupon number does not stay the same, according to the methodology of U.S. Pat. No. 5,956,699, but changes automatically after every transaction or use. Thus, unlike all the other credit card transactions on the Internet today, no valid credit card numbers are actually available in transmission for theft by anybody. Only the ACCN or Coupon number will appear on any or all transaction records and that number is useless for any subsequent transactions because it is time variant.
- Accordingly, this disclosure includes the following methods.
-
Method 1. A method for implementing an anonymous Mail Order Telephone Order (“MOTO”) credit card transaction between a user and a merchant, comprising the steps of: - establishing a user account between a credit source and the user which is associated with a fictitious account name, a user account number, a user key and a user settlement mechanism through which the user can pay the credit source for charges and fees billed to the user account;
- providing the user with an electronic card that is comprised of:
- a card base;
- a storage medium affixed to the card that can be read by a card reader but is not readable by a human eye;
- a computer affixed to the card;
- an input mechanism for providing input to the computer;
- a display controlled by the computer; and
- a power source for supplying power to the computer;
- wherein the electronic card has a fictitious account name stored in a memory device accessible by the computer, the computer is capable of causing data to be stored in the storage medium and the electronic card is sized such that a standard magnetic stripe reader can read the magnetic storage medium;
- completing a MOTO credit card transaction between the user and the merchant in which the user is charged a monetary value by the merchant, comprising the following steps:
- entering the user key into the input mechanism;
- executing an algorithm by the computer that uses the user key and a card number stored in the electronic card as input variables to generate a valid personal charge number;
- visually reading the valid personal charge number from the display;
- providing the valid personal charge number and the fictitious account name to the merchant;
- sending the monetary value, the valid personal charge number and the fictitious account name to a credit approval center that verifies that the valid personal charge number is valid for the fictitious account name and approves the MOTO credit card transaction; and
- sending an approval of the transaction from the credit approval center to the merchant.
-
Method 2.Method 1 wherein the MOTO credit card transaction is conducted between the user and the merchant over a computer network. -
Method 3.Method 1 and the further steps of: - establishing a user insertion key that is associated with the user account; and
- generating the valid personal charge number from the card number by inserting the user key into the card number through use of the user insertion key and a permutation variable.
-
Method 4.Method 3 and the further steps of: - changing the permutation variable from an initial state to a different state; and
- generating a second valid personal charge number from the card number by inserting the user key into the card number through use of the user insertion key and the permutation variable in the different state.
- One particular method that can be used to generate a one-time payment card number, which is described in U.S. application Ser. No. 09/659,434, will now be discussed.
- The present disclosure is adapted for use in many kinds of financial transactions. For example, it can be used in credit card transactions, bank or debit card transactions, or electronic script transactions. Because of the versatility of this embodiment, it can be used in connection with a wide variety of instruments that can be used in connection with such financial transactions. Thus, it can be used with electronic cards, software programs used in network applications, or telephones (especially telephones used in what is now being referred to as m-commerce, or mobile commerce). Moreover, it can be used whether such transactions are conducted in person, face-to-face, or whether such transactions are conducted by an indirect medium, such as a mail order transaction, a transaction conducted over a computer network (for example, the Internet), or a telephone transaction.
- As is the case in most financial transactions, three parties are typically involved in completed financial transactions according to the present invention. A party makes a monetary payment. In the context of the following description, this is the first entity or customer. Another party receives the monetary payment, and this party can be a single party or two or more parties. In the context of the following description, the party or parties that are receiving the monetary payment are referred to as the second entity. Finally, there is at least one party, and usually multiple parties, that serve as intermediaries to allow the customer to transfer monetary value to the second entity. The intermediary group of one or more parties will be referred to in the context of the following description as a money source. Thus, the money source may be one or more banks, a credit card company or any other institution involved with issuance of credit cards or bank debit cards, such as a credit union or other institution, or a money source as described in U.S. Pat. No. 5,913,203 which states, in col. 5, lines 6-17: “Initially, there must be a money source. This is described as a pseudo cash repository, but it does not need to be a single entity. In practice, it can be a single bank, or a single credit card company or a number of affiliated banks (a bank group) or a number of affiliated credit card companies (a card group) affiliated with one or more merchants and set up to do business with one or more money source customers or some other entity or entities that will perform such a function. The pseudo cash repository, in concept, is similar to an entity that issues traveler's checks (for a non-anonymous cash-like transaction) or a money order (for a potentially anonymous cash-like transaction).” U.S. Pat. No. 5,913,203 further states, in col. 6, lines 34-41: “The pseudo cash repository maintains a record of the pseudo cash unit and the fixed monetary value associated with the pseudo cash unit and in an especially preferred embodiment, can be either a computer or a network of computers that operates as the money source. If the pseudo cash repository relies upon a network of computers, the network can be dedicated or it can be connected by an encrypted two-way communication linkage.”
- In connection with this embodiment, it is not necessary that the first entity use a real identity, although such an option is also acceptable. Instead, a pseudonym, such as a screen name or an alias, could be used to protect the first entity's privacy and provide additional security.
- Although the first entity need not use a real identity, the first entity must establish an account with a money source. When the account is established, the first entity and the money source must agree upon a payment mechanism or protocol. In the case of a credit card or a bank card, this could be done in the same fashion as exists today, and the first entity could select a fictitious account name as is explained in greater detail in co-pending U.S. patent application Ser. No. 09/619,859. It is especially preferred that two different users not be allowed to select the same fictitious account name so that a fictitious account name also represents a unique identifier. However, the preferred embodiment could also be used in connection with a prepaid account. In such a scenario, the first entity could simply purchase a prepaid card and no real identity would ever be required.
- When the first entity establishes an account with the money source, a user key must be selected. The user key can be a Personal Identification Number, or “PIN,” similar to that which is currently in widespread use in the United States in connection with automated teller machines. Both the first entity and the money source must have access to the user key, which can be selected by either entity. In order to be able to retrieve this user key, the money source must create a record associated with the first entity that includes the user key and a first entity identifier (whether this be the real name of the first entity or a fictitious account name).
- Once the first entity has established an account with the money source and a user key has been selected, the first entity must be supplied with the means to generate a customer one-time unique purchase order number (“Coupon”). As already described, this could be hardware or software, but, in either case, it will include a customer random number generator and a customer permutation variable that is correlated with a customer sequence number.
- There is some debate, within the mathematical and cryptographic communities, as to what constitutes a “random number generator.” At times, the term is used somewhat loosely, and sometimes it is used to refer to what is also commonly referred to as a “pseudo random number generator. In the context of the present invention, a “random number generator” shall be defined to include a pseudo-random number generator. The details of how a random number generator (or a pseudo-random number generator) works, and how they can be used to generate a series of random (or pseudo-random) numbers, are well known in the art of cryptography and will not be repeated here. (A general description of random number generators and various pseudo-random number generators, and a discussion of common implementation mistakes that are made when using pseudo-random generators, is set forth in ICSA Guide to Cryptography (McGraw-Hill 1999), by Randall K Nichols, at pages 356, 399-406, and 702, the disclosure of which is specifically incorporated herein by reference.)
- A person skilled in the art could choose one of many different “random number generators” known in the art for use in connection with the present invention, and any number of such devices will suffice, although it is probably most desirable, from a security standpoint, to use a cryptographic pseudo-random number generator. In an especially preferred embodiment, the “random number generator” is what has been referred to by H. D. Knoble as a “Portable Quasi-Random Number Generator.” More specifically, it is especially preferred that the random number generator be an additive three part prime modulus multiplicative linear congruent random number generator which can be generated by the following algorithm:
-
RN=INT((R−(INT(R)))×10) - where RN is the random number, INT stands for an Integer function, and R is calculated as follows:
-
R=(SA/K4)+(SB/K8)+(SC/K12), where -
SA=K1×MOD(SA,K2)−K3×(SA/K2), but if SA is less than zero, SA=SA+K4, -
SB=K5×MOD(SB,K6)−K7×(SB/K6), but if SB is less than zero, SB=SB+K8, -
SC=K9×MOD(SC,K10)−K11×(SC/K10), but if SC is less than zero, SC=SC+K12, - where SA, SB and SC are seed values, all K numbers are constants, and MOD is a Modulo function. The above-identified algorithm uses three additive parts, but an algorithm with additional (or, less preferably, fewer) additive parts could also be used. Additional details concerning Modulo and Integer functions can be obtained from VS FORTRAN Application Programming: Language Reference, Release 2.0, IBM (3rd Ed., September 1982), pages 215 and 216, the disclosure of which is specifically incorporated herein by reference.
- The customer random generator is used to generate a sequence of numbers with qualities similar to that of a sequence of truly random numbers. By using a pseudo-random number generator, the sequence will be fixed for a given algorithm, using a given set of constants, starting from a given seed value. A number in such a sequence can be referenced by its position relative to an initial setting, and this shall be referred to as a sequence number. Thus, a string of one hundred numbers generated by a random number generator can be assigned sequence numbers of 1-100, respectively, which means that the fiftieth number in the string would be assigned the sequence number of 50.
- Because the money source must also use a random number generator, the customer random number generator and the money random number generator must be synchronized so that they will achieve identical results when the customer sequence number and the money source sequence number are identical. If a money source wants a number of different customers to use the same random number generator but generate different sequences of numbers, such results can be obtained several ways. For example, different customers might have different initial seed values, different customers might have one or more different constants, different customers might have a different permutation variable as an initial setting, or two or more of these options might be employed.
- When the first entity wishes to generate a Coupon, the first entity enters the user key into the hardware or software used to generate the Coupon. Once the user key is entered, it is combined with a customer permutation variable that is correlated with a customer sequence number to form a customer permutated user key. The combination can be done by any number of mathematical functions (simple examples of which are addition, subtraction, division and multiplication) or by any suitable algorithm or set of rules. The customer permutation variable and the customer sequence number can be correlated in many different ways, the simplest example of which is that they are identical. Another example of a simple correlation would be to vary the permutation variable according to a preselected algorithm in accordance with the customer sequence number, or through use of the customer sequence number as an input into the algorithm.
- The customer permutated user key and the user insertion key are used as input variables in an algorithm to form a Coupon. In an especially preferred embodiment, the customer permutated user key is inserted into a user account number. Simple methods of insertion include addition and substitution, or a combination of the two. After a Coupon is generated, the customer sequence number is changed, and a new entry of the user key will result in generation of a new customer permutated user key and a new Coupon. Because generation of the Coupon can be done by a computer (whether it be a “traditional” computer or some other device that can be a host computer or a client computer, such as a chip located in an electronic card or telephone), for all practical purposes, the Coupon can be generated as soon as the user key is entered into the computer.
- Once a Coupon is generated, it can be transferred to a second entity, along with a first identity identifier, to pay for goods or services and, in turn, the Coupon and the first identity identifier can be transferred to the money center.
- When a customer's user key is entered into an input device, there is always a possibility of mistake due to human error. Accordingly, it is highly desirable to provide a mechanism to account for such mistakes. However, the mechanism should be controlled to avoid the possibility of an unacceptable compromise to security, as could be the case if unlimited errors in entry of the customer's user key are allowed. The preferred embodiment provides a mechanism to satisfy both desires by the method a Coupon is validated and by allowing the customer random number generator and the money source random number generator to be resynchronized from a first setting to a second setting.
- A Coupon is validated when the money source determines that the Coupon is valid for the first entity identifier submitted with the Coupon. In order to determine what Coupons might be valid for the first entity, the money source determines what Coupons the first entity will generate, and the order in which they will be generated. One way that the money source can determine what Coupons will be generated by the first entity is to generate coupons from the same starting input that would be used by the first entity, using the same random number generator. In other words, the money source uses a money source random generator that uses the same algorithm as the customer random generator (including initial seed(s) and constants), using the same user key. Thus, when the money source generates a money source Coupon from a money source sequence number that is identical to a customer sequence number used by a customer to generate a Coupon, the money source Coupon should be identical to, and thus match, the Coupon. This, in turn, validates the Coupon.
- Validation of a Coupon is very simple to implement when the customer sequence number and the money source setting are synchronized. The money source Coupon could be generated at the time the Coupon is submitted for validation, or it could already be generated, and stored, in a look-up table. However, there are reasons why such synchronization may not exist. For example, a customer might generate a Coupon but, for whatever reason, not use it. Alternatively, a consumer might make a mistake and not enter the correct user key, and thus generate an invalid Coupon. (Although the latter possibility could be avoided by storing the user key in the hardware/software and confirming that the user key entered is correct, such storage is undesirable since the existence of such a record compromises security).
- In order to account for the possibility that the customer sequence number and the money source setting may not be synchronized, validation can be permitted if the Coupon matches any one of a preselected number of money source Coupons generated in series by the money source from an expected starting value of the customer sequence number. (Selection of the preselected number is a matter of design choice that involves a tradeoff between usability and security, and the number might be changed at different times or for different conditions.) Although such series could be generated at the time of submission of a Coupon for validation, it is especially preferred that the series be generated and stored as a sequential set that can be queried upon submission of a Coupon for validation. Using this methodology, once a Coupon is validated, the matching money source Coupon and all earlier created money source Coupons can be deleted from the sequential set. Then, since the sequential set now contains less than the preselected number of Coupons, one or more additional money source Coupons are generated to bring the population of money source Coupons back up to the preselected number (or a newly selected number).
- The use of a sequential set of money source Coupons works well as long as Coupons are submitted for verification in correct sequential order. Normally, this should not be a problem. However, there may be instances where this could present a problem, such as use of a Coupon to pay for something ordered by mail. In order to account for such a possibility, the money source can store money source Coupons deleted from the sequential set in a recent history file, and this file can be maintained for a preselected length of time. Using this methodology, if a match with a money source Coupon stored in the sequential set does not validate a Coupon, a match with a money source Coupon stored in the recent history file can still validate it. However, the money source might also want to implement additional security measures when validating a Coupon by comparison with the recent history file. Thus, in the given example of a mail order, the money source might also require that the shipping address match an approved shipping address for the first entity. Alternatively, the money source might also require independent confirmation of the validity of the Coupon by contacting the first entity, e.g. by telephone or e-mail, if the value of the Coupon exceeds a threshold limit.
- If a Coupon is not validated, the money source will reject it as invalid. The Coupon might be invalid due to error by the first entity, or due to error somewhere during its path of transmission to the money source, or due to fraudulent activity, Accordingly, it is highly desirable not to place a hold on activity by a customer whose first entity identifier has been used with an invalid Coupon until such activity exceeds a threshold level. Once this threshold level has been exceeded because a preselected number of invalid Coupons are not verified for the first entity, an invalid user account number condition can be triggered to prevent any further processing of Coupons submitted with the first entity identifier until the invalid user account number condition is removed.
- If a first entity has submitted too many invalid Coupons, or has just gotten too far out of synchronization from the money source (e.g., a child playing with an electronic card), it may be desirable to resynchronize the customer random number generator with the bank random number generator. One easy way to do this is as follows. The first entity could contact the money source, enter the first entity's user key, and provide the money source with the resultant Coupon. The money source could then use this Coupon to determine what customer sequence number was used to generate the Coupon, and reset its records accordingly, as is illustrated in the following example:
- Assume that the sequential set maintained by the money source contains 10 money source Coupons, that the first entity has previously successfully submitted Coupons for transactions 1-5, and that the first entity's customer sequence number is now 25. When the first entity contacts the money source, the Coupon that it will generate will be the 25th Coupon in a string, but the sequential set maintained by the money source will only contain the 6th through 15th Coupons. Therefore, the money source will not generate a match until its 25th money source Coupon is generated, at which point the customer random number generator and the money source random number generator will be resynchronized. Next, the money source will generate
money source Coupons 26 through 35 and place them in its sequential set of money source Coupons for the first entity, and an invalid user account number condition, if set, can be removed. - Another way that the customer random number generator and the money source random number generator can be resynchronized is for the money source to provide the first entity with a new seed value to be input into the random number generator, but this would require some mechanism to allow such input. In the case of an electronic card, telephone or other hardware device, a special function key, followed by the input, might perform this.
- Although the foregoing discussion of the preferred embodiment has focused on use of a single Coupon, additional security could be obtained by requiring use of two or more Coupons for a given transaction, especially if it exceeds a preselected threshold value or if a requirement for additional security is triggered. If two Coupons are required to process a given transaction, it is far less likely that a random guess or person without access to the valid user key and requisite algorithm could generate a correct sequence of Coupons. This fact can also be used to prove fraudulent or unauthorized use, or to check for such use. For example, suppose a first entity submits a Coupon for validation in connection with a certain transaction, and its validity is called into question. The first entity could be prompted to provide one or more additional valid Coupons, and if this could not be done, it would be a good indication of potential fraud.
- In certain types of transactions, such as transactions over the Internet, there is some possibility that a first entity identifier could be intercepted and somebody might make fraudulent attempts to guess a valid Coupon for an intercepted first entity identifier without actual possession of authorized hardware or software that might be used to generate a valid Coupon. Once again, by requiring use of two or more valid Coupons, the potential for fraud could be reduced. Alternatively, the first entity could be asked to generate a Coupon using an incorrect user key. In this scenario, if the first entity does not actually have possession of the hardware or software to generate a Coupon, it would not be possible for the first entity to generate the Coupon that could be generated by the money source through use of the incorrect user key, the money source permutation variable and the money source sequence number.
- Fraudulent activity might also be detected by the nature of invalid Coupons submitted for verification. When the money source receives a Coupon for verification, it is possible to work backwards from the Coupon to determine what user key and permutation variable were used to generate the Coupon for a given sequence number. Based upon what user keys were used in generating invalid Coupons, it might be possible to spot potential fraudulent activity. It is also possible to detect or deter fraudulent activity, and increase security, if the user key is periodically changed. This can be done when the first entity and the money source validly agree to change the user key, and the money source's records are changed accordingly (including the money source Coupons contained within the sequential set).
- Although the foregoing detailed description is illustrative of preferred embodiments of the present invention, it is to be understood that additional embodiments thereof will be obvious to those skilled in the art. For example, the same inventive concepts disclosed herein could be used in a system in which a customer has two or more account numbers and/or identities, with the same or different user keys. In the case of an electronic card or telephone, this would allow the customer to select which account should be used (for example, to choose a business credit card for use with a business expense, a personal credit card for use with a personal expense, or a bank card at a local store for groceries and cash back). Alternatively, a customer might be permitted to use multiple user keys for the same account number and the same identity. This could allow some of the same functionality, or it could be used to classify the type or nature of the expense or transaction. Further modifications are also possible in alternative embodiments without departing from the inventive concept.
- Accordingly, this disclosure includes the following methods.
Method 1. A method for providing multiple secure transactions between a first entity and at least one additional entity, comprising the steps of - (1) generating a customer one-time unique purchase order number (“Coupon”) for the first entity by the following steps:
- (a) combining a user key with a customer permutation variable that is correlated with a customer sequence number to form a customer permutated user key;
- (b) using a customer random number generator to generate a customer user insertion key that is correlated with the customer sequence number; and
- (c) generating a Coupon from a user account number by inserting the permutated user key into the user account number in accordance with an algorithm that uses the customer user insertion key;
- (2) transferring the Coupon and a first entity identifier to a second entity;
(3) transferring the Coupon and the first entity identifier from the second entity to a money source repository;
(4) creating a sequential set of the money source repository having a preselected number of money source Coupons for the first entity by the following steps: - (a) combining the user key with a money source permutation variable that is correlated with a money source sequence number to form a money source permutated user key;
- (b) using a money source random number generator to generate a money source user insertion key that is correlated with the money source sequence number;
- (c) generating a money source Coupon from the user account number by inserting the money source permutated user key into the user account number in accordance with the algorithm that uses the money source user insertion key, wherein the money source Coupon is correlated with the money source sequence number and stored in the sequential set, said money source Coupon being identical to the Coupon when the customer permutation variable and the money source permutation variable are identical;
- (d) changing the money source sequence number; and
- (e) repeating steps (a) through (d) as needed so that the sequential set has the preselected number of money source Coupons;
- (5) verifying that the Coupon is valid for the first entity by confirming that it is identical to a matching money source Coupon contained within the sequential set;
(6) deleting the matching money source Coupon and all earlier created money source Coupons from the sequential set;
(7) changing the customer sequence number; and
(8) repeating steps (2) through (7).
Method 2. A method as recited inmethod 1, wherein the second entity is comprised of a plurality of different entities.
Method 3. A method as recited inmethod 1, wherein the customer random number generator and the money source random number generator are resynchronized from a first setting to a second setting.
Method 4. A method as recited inmethod 1, wherein the customer sequence number is changed every time a Coupon is generated.
Method 5. A method as recited inmethod 1, wherein the user key is entered into an input device whose output is used to generate the Coupon.
Method 6. A method as recited inmethod 5, wherein the customer sequence number is changed every time the user key is entered into the input device.
Method 7. A method as recited inmethod 1, comprising the following additional steps:
setting an invalid user account number condition if a preselected number of Coupons are not verified for the first entity; and
terminating step (5) when the invalid user account number condition is set. - The disclosure of U.S. Ser. No. 10/968,401 provides an unprecedented opportunity to customize use and processing of payment card transactions through use of one or more customization variables.
- In the context of this description, a one-time payment card number refers to a payment card number of either a credit or a debit card, generated in accordance with the present invention, that is useful in financial transactions in the same fashion as a traditional payment card number.
- Like a traditional payment card number, a one-time payment card number should be capable of being read by a standard magnetic stripe reader when it is part of a physical card used in traditional face-to-face transactions in which a user presents the physical card to a merchant for payment. However, like traditional payment card numbers, a one-time payment card number should also be capable of being used in a Mail Order Telephone Order (“MOTO”) credit card transaction between the user and a merchant. Thus, like a traditional payment card number, the one-time payment card number should fit within, and work with, present platforms and protocols for financial transactions involving payment cards, such as traditional credit cards. This versatility allows the one-time payment card number to be used with electronic cards, software programs used in network applications, or telephones (especially telephones used in what is now being referred to as m-commerce, or mobile commerce).
- A traditional payment card number can be characterized as having three parts. First, there is a set of fixed variables. This contains numerals that represent certain specified data fields, such as a bank identifier and a month and year expiration date for a given payment card. (The “bank” may be any “money source” as that term has been defined in U.S. Pat. No. 5,937,394.) Second, there is a set of variable variables. This contains numerals that will vary for different payment cards issued by the same money source. In other words, this is the portion of the card number that will be specific to an individual entity or account for a given issuing money source. Third, there is a check sum digit. The value of the check sum digit is dictated by the other numerals in the card number.
- In the context of the present invention, a user one-time payment card number is akin to a traditional payment card number, with certain exceptions. In a traditional payment card number, there might be a set of six fixed variables, followed by a set of nine variable variables, followed by a check sum digit and another set of four fixed variables representing the month and year. When a user uses this traditional payment card number to complete a given financial transaction, the transaction is always completed by using the same twenty digits for the payment card number. By contrast, if the user uses a one-time payment card number to complete any such given financial transaction, the transaction will not be completed by always using the same twenty digits for the payment card number. Instead, the twenty digits of the one-time payment card number will vary, and the degree to which they vary may depend upon user selection of a customization parameter. In addition, because the one-time payment card number varies with successive usage, the check sum digit will not necessarily be the same with successive usage, although it may be. Thus, the check sum digit must be recalculated for each new one-time payment card number, and this is why it shall be referred to as a “check sum variable” in the context of a one-time payment card number according to the present invention.
- Another difference between a traditional payment card number and a one-time payment card number is the way that a given transaction using either number is validated by a verification agency, which may be a money source or an entity who processes payment card transactions. When a transaction involving a one-time payment card number is processed, the verification agency must verify that the one-time payment card number is valid for the user identifier for the particular given transaction, as opposed to any given transaction involving the user identifier. (The verification process must take into account how selection of the customization parameter may affect what the verification agency will receive for verification. Additional details regarding procedures that can be used to verify a one-time card number that can be customized are set forth in U.S. Pat. No. 6,609,654.) This difference is a reason why use of the one-time payment card number provides greater security and anonymity than can be obtained through use of a traditional payment card.
- A card number generator generates a one-time payment card number. As already described, this could be hardware or software, but, in either case, it will preferably include a customer random number generator and a customer sequence number. It is especially preferred that the card number generator be part of an electronic card, and that the electronic card be of the type described in U.S. application Ser. No. 09/571,707 filed May 15, 2000 for Anonymous Electronic Card for Generating Personal Coupons Useful in Commercial and Security Transactions, or in U.S. application Ser. No. 09/667,835.
- Several different methods can be used to generate a one-time payment card. No matter what method is used to generate a one-time payment card number, two successive one-time payment card numbers should be different. This can be accomplished by using a sequence number that is changed after each one-time payment card number is generated. (The present invention does not require that all theoretical possibilities will result in different one-time payment card numbers. Instead, it is preferred that there be a low probability of occurrence of identical one-time payment card numbers attributable to convergence of two different inputs leading to the same result due to operations performed on the inputs by the algorithm.)
- The preferred embodiments allow a user to customize use of an electronic card having a card number that varies with each use by selecting at least one customization parameter to customize a given use of the electronic card. There are three general customization parameters that can be used to customize a given use.
- First, the user can customize generation of the one-time card number. This can be done many different ways. An example of one way in which it can be done is to customize selection of a selected user key that is used to generate the one-time card number as is explained in U.S. Pat. No. 6,609,654. Another way in which it can be done is to include a customization variable in the one-time card number, or as an input into the algorithm used to generate the one-time card number.
- Second, the user can customize the user identifier that is used to validate the one-time card number. This can be done many different ways. One way is to choose one of two or more preselected identifiers as a selected user identifier. Another way is to modify the user identifier. Still another way is to add a customization variable, such as a numeric character, to the user identifier at a preselected location.
- Third, the user can include a customization variable with information transmitted to a verification agency for validation of the given use. Unlike the first two customization parameters, this parameter relies upon use of an additional field of data collected as part of the validation process for a given transaction, and this may require a change in established validation protocols. It is especially preferred that any such change be technically feasible within the confines of hardware that is being used to process traditional payment card transactions. In the context of an electronic card with a magnetic stripe, this means that it is preferred that the additional customization variable be stored in the magnetic stripe, and it is especially preferred that it be stored in the second track of the magnetic stripe. Additional details regarding inclusion of a customization variable in a magnetic stripe are set forth in U.S. Ser. No. 09/667,089.
- Once it is recognized that using one or more of the foregoing customization parameters will customize a given transaction involving use of a one-time payment card number, and that such customization will seamlessly allow a user to transmit additional information to the money source processing such transaction, without loss of desired security or anonymity, the options for using such customization are virtually limitless.
- After a one-time payment card number is validated for a given transaction, the money source can determine what customization parameter(s) was selected by the user for the given transaction, which allows the money source to determine what handling option should be used for the transaction involving the one-time payment card number. (It also allows the money source to determine what sequence number is associated with the one-time payment card number, so that its records can be synchronized as part of the validation process.)
- One use of multiple handling options is to allow the money source to access multiple accounts. For example, a user might use one account as a credit card, and another account as a debit or checking card. By choosing which account should be used for a given transaction, the user could determine, at the point of use, whether to charge the transaction, or have it deducted from an existing account balance. The same idea could be used for multiple credit cards, whether they are from the same issuer or different issuers, or even different cards, such as Visa®, MasterCard? Diner's Card®, Discover® or American Express®. In addition, the user might elect to have separate billing statements for separate accounts, or have all billing consolidated in a single statement.
- Another use of multiple handling options is to allow identification of the person completing a transaction, or to allow multiple persons access to a single account, or place different restrictions on multiple persons on a single account, For example, a single account might be opened with an issuing bank, but an entire family might be authorized to use the account. Thus, a father and a mother might have their own customization parameter, a teenage child might have another customization parameter and a lower authorized spending limit, and a preteen child might have a fourth customization parameter, but only be authorized to engage in a certain limited number of transactions per time period with a maximum spending limit for each transaction. All the members of this family could use the same card number generator embedded within a PDA or mobile phone, or on a computer or in an electronic card. At the end of a specified billing cycle, all transactions completed by any member of this family could be consolidated in a single bill, and that bill could indicate who spent what when during the billing cycle, and what it was spent on.
- Still another use of multiple handling options is to allow a user to classify the nature of a particular transaction at the time it is completed. For example, suppose an individual uses a single credit card for personal expenditures and business expenditures. By assigning one customization parameter to personal transactions, and a second customization parameter to business transactions, the user can simplify accounting for such transactions without the necessity of having and carrying two separate cards. If desired, the user could even receive two separate statements for such expenditures so that the personal expenditures would not be discernable from the documentation associated with the business expenditures. Individual transactions could also be classified according to a preselected set of criteria, and such criteria could be used in various financial programs. For example, a user might include a code classification system used in a money management system to create various reports that itemize categories of spending or assist in budgeting of finances.
- Yet another use of multiple handling options is to allow a user to preselect how a particular transaction is treated in a subsequent bill. For example, an individual user might not want a billing statement to include information about the identity of second entities who provide certain goods or services, or when transactions with such entities take place, but still want to have the billing statement include such information for other transactions. By selecting two different customization parameters with these two different handling options, the user has the option of controlling what information it receives in billing statements about individual transactions.
- Multiple handling options can also be used to guard privacy, or for commercial purposes that do not presently exist. For example, the user and the money source might enter into an agreement about how, and under what circumstances, the money source can distribute information about transactions of the user, depending upon which customization parameter is used in a given transaction. The agreement might provide different levels of confidentiality, and set up different levels or types of compensation tied to transactions falling within the different levels for a given time period.
- One level of confidentiality might restrict distribution of any information concerning a transaction by the money source to any third party. For example, a user might want strict confidentiality of any transaction involving medical services, and would not want the money source to divulge that information to any party unless legally required to do so. Or, maybe the user does not want any third party to learn of any transaction that exceeds a certain dollar amount, for fear of a potential deluge of unsolicited advertising. A user might pay a monthly fee for use of this option, a transaction based fee, or no fee at all.
- A second level of confidentiality might permit distribution of any information concerning a transaction by the money source to any third party. Such information is potentially valuable for purposes of advertising, and creating profiles for targeted marketing, and the money source might even pay the user for the right to sell such information.
- Other levels of confidentiality might fall between those already noted. For example, a third level might permit distribution of certain information concerning a transaction (such as the payee, the amount of purchase, the date of purchase, and a profile of the user), but restrict distribution of other information concerning a transaction (such as the identity of the user). Another level of confidentiality might restrict distribution of information concerning a transaction to any third party, but allow the money source to use such information for its own marketing efforts directed to the user.
- The teachings of U.S. Ser. No. 09/960,714, which has issued as U.S. Pat. No. 6,805,288, will now be discussed. This disclosure seeks to provide new methods for generating and processing Secure Card Numbers (SCN) that can be used in all types of transactions in which a conventional credit card account number is accepted. In addition, this disclosure conforms to the existing standards for PIN encryption as promulgated by the American Bankers Association (ABA), the American National Standards Institute (ANSI), the International Standards Organization (ISO), and the Federal Information Processing Standards (FIPS) Publications of the National Institute of Standards and Technology (NIST). Because the methodology is well suited for use in hardware and software applications, it has widespread applicability to many different types of transactions.
- The present disclosure is related to the concept of customer one-time unique purchase order numbers (“Coupons”) as described in U.S. Ser. No. 09/640,044. An algorithm is executed that uses a user account number, a customer sequence number, a customer permutated user key, and a Transaction Information Block (TIB) as input variables to form an SCN that is correlated with a sequence number. Combining a user key with a user account number, a user insertion key correlated with the customer sequence number, and then encrypting the result using the Triple Data Encryption Standards (TDES), forms the customer permutated user key. A random number generator generates the user insertion key that is correlated with the sequence number. The TIB may provide several pieces of information, including the conditions under which the SCN will be valid (i.e., the SCN type), additional account identification information, and the status of the device used for SCN generation. The sequence number can be changed after each SCN is generated and a new SCN can then be generated using a new user insertion variable correlated to the changed sequence number.
- After an SCN is generated, it is transferred with a first entity identifier to a second entity (which can actually be several entities), which then transfers the information to a money source. An individual SCN is verified as being valid by the money source by duplicating the generation of the customer permutated user key for the specified first entity and the specified sequence number, and then comparing it to the customer permutated user key which is embedded in the provided SCN. Additionally, the money source verifies that the specified SCN type is valid given the specific conditions of the transaction. Once verified as valid, each SCN passes through a life cycle in accordance with conventional credit card processing practices and with its SCN type, in which it may be used for various types of transactions before being retired. If a preselected number of SCNs are received by the money source and determined to be invalid (either consecutively or within a predetermined timeframe), then an invalid user account number condition is set to prevent further attempts to verify SCNs for that first entity.
- A user key can be entered into an input device which validates the user key by comparing it to a stored user key. If the entered user key is valid, the user can generate an SCN. The sequence number changes each time a user key is entered into the input device.
- A preferred embodiment of this disclosure is adapted for use in credit card transactions, and as such can be used in connection with a wide variety of instruments that can be used in connection with such financial transactions: electronic cards, software programs used in network applications, telephones (especially telephones used in what is now being referred to as m-commerce, or mobile commerce), or even physical imprint transactions. Moreover, it can be used whether such transactions are conducted in person, face-to-face, or whether such transactions are conducted by an indirect medium, such as a mail order transaction, a transaction conducted over a computer network (for example, the Internet), or a telephone transaction.
- As is the case in most financial transactions, three parties are typically involved in completed credit card transactions according to the present invention. A party presents a credit card account number with the intent to initiate a monetary payment (or credit/return). In the context of the following description, this is the first entity or customer. Another party receives the credit card account number with the intent to receive a monetary payment (or credit/return), and this party can be a single party or two or more parties. In the context of the following description, the party or parties that are receiving the credit card account number are referred to as the second entity or merchant Finally, there is at least one party, and usually multiple parties, that serve as intermediaries to the monetary payment (or credit/return). The second entity provides the credit card account number to this party over several transactions to effect the monetary payment (or credit/return): authorization, incremental authorization, authorization reversal, settlement, and credit/return. The intermediary group of one or more parties will be referred to in the context of the following description as a money source. Thus, the money source may be one or more banks, a credit card company or any other institution involved with issuance of credit cards or bank debit cards, such as a credit union or other institution, or a money source as described in U.S. Pat. No. 5,913,203.
- In connection with this embodiment, it is not necessary that the first entity use a real identity, although such an option is also acceptable. Instead, a pseudonym, such as a screen name or an alias, could be used to protect the first entity's privacy and provide additional security.
- Although the first entity need not use a real identity, the first entity must establish an account with a money source. When the account is established, the first entity and the money source must agree upon a payment mechanism or protocol. In the case of a credit card or a bank card, this could be done in the same fashion as exists today, and the first entity could select a fictitious account name as is explained in greater detail in co-pending U.S. patent application Ser. No. 09/619,859. It is especially preferred that two different users not be allowed to select the same fictitious account name so that a fictitious account name also represents a unique identifier. However, the preferred embodiment could also be used in connection with a prepaid account. In such a scenario, the first entity could simply purchase a prepaid card and no real identity would ever be required.
- When the first entity establishes an account with the money source, a user key must be selected. The user key can be a PIN, similar to that which is currently in widespread use in the United States in connection with automated teller machines. Both the first entity and the money source must have access to the user key, which can be selected by either entity. In order to be able to retrieve this user key, the money source must create a record associated with the first entity that includes the user key and a first entity identifier (whether this be the real name of the first entity or a fictitious account name).
- Once the first entity has established an account with the money source and a user key has been selected, the first entity must be supplied with the means to generate a customer SCN. As already described, this could be hardware or software, but in either case it will include a user account number, a customer random number generator that will be used to generate user insertion keys that are correlated with a customer sequence number, and TDES encryption keys.
- The TDES encryption standard is the accepted standard for protecting a PIN during data transmission of financial transactions, as described by ISO 9564-1-1991 (Banking—Personal Identification Number Management and Security—PIN Protection Principles and Techniques, Section 6.2), ISO 9564-2-1991 (Banking—Personal Identification Number Management and Security—Approved Algorithms for PIN Encipherment), ANSI X9.52-1998 (Triple Data Encryption Algorithm—Modes of Operation), and FIPS PUB 46-3 (Data Encryption Standard (DES), dated 1999), the disclosures of which are specifically incorporated herein by reference.
- In order to effectively use TDES for PIN encryption, the PIN must be combined with a new set of randomly generated data for each transaction. Otherwise, the encrypted PIN would always be the same value. A customer random number generator, such as the one that is described in U.S. patent application Ser. No. 09/640,044, filed Aug. 15, 2000 and which is generally known as a Linear Congruential Generator (LCG), is used for this purpose. This random number generator is algorithmic (i.e., pseudo-random)—when starting with the same set of seeds, it always produces the same sequence of numbers. It can therefore be reproduced by the money source in order to validate a given SCN. Furthermore, since this pseudo random number generator generates its values in a reproducible sequence, each of the values in the sequence can be identified by a Counter value that indicates that number's location in the sequence. The set of random numbers generated and combined with the PIN are collectively referred to as the Sequence Insertion Number (SIN).
- In the real world of credit card transactions, it is not possible to assume that transactions conducted by the first entity in a given order will always be received by the money source in that same order. Therefore, the money source method of SCN validation must be based on an embedded sequence value. The Counter value is used for this purpose in the preferred embodiment.
- In general, this method can be used to generate SCNs of many different lengths. In the conventional credit card processing infrastructure, a credit card number is typically 16 digits in length. Such a number comprises three sub-numbers: a 6 digit Bank Identification Number (BIN), a 9-digit account number, and a 1-digit checksum number. For the purpose of being compatible with the existing credit card processing infrastructure, the SCN could be 9 digits in length, and could take the place of the account number in the conventional 16-digit credit card number.
- In a preferred embodiment, the 9-digit SCN itself comprises three sub-numbers: a 1 digit TIB, a 4 digit Counter Block (which identifies the random number being used for encryption), and a 4 digit encrypted PIN Block.
- The 1 digit TIB may take on up to 10 different values, each of which may indicate multiple pieces of information. The TIB can be used to determine which of a plurality of account numbers associated with the first entity should be used for the first transaction. The account numbers can represent, for example, different credit card accounts or different payment or credit cards. A first account number might be associated with the TIB value of 0, a second account number might be associated with the values of 1 and 2, a third account number might be associated with values of 3 and 4, and so forth, wherein any odd value may be restricted to a one transaction limitation while any even value may be used to invoke permission for multiple transactions at a single merchant. In the preferred embodiment, a TIB value of 0 indicates that the SCN may only be used for one transaction; any attempts to use it for subsequent transactions will result in a transaction denial from the money source. A value of 1 indicates the same transaction restrictions as 0, but also indicates that the device generating the SCN has a low battery power condition. A low battery power condition can be detected by a diagnostic program or it can be extrapolated from an empirical record (or counter) of the number of transactions presented for authorization. The transaction counter used to extrapolate a low batter power condition can be collected from the firmware used to generate SCNs or from software behind the money source firewall. A value of 2 indicates that the SCN may be used for multiple transactions, but only at a single merchant; any attempts to use it for subsequent transactions at a different merchant will result in a transaction denial from the money source. A value of 3 indicates the same transaction restrictions as 1, but also indicates that the device generating the SCN has a low battery power condition. Furthermore, a set of TIB values (4, 5, 6, 7) might represent the same restriction and status information as (0, 1, 2, 3), respectively, but further indicate that the transaction is associated with a different subentity (e.g., the first entity identifier identifies a married couple, and the TIB identifies each individual spouse.) Other values might also be used to enforce additional transaction restrictions in ways readily apparent to those skilled in the art.
- The TIB can also be used by the money source to uniquely identify a physical device (such as an electronic card) used to generate the SCN. This aspect of the TIB is especially useful when the money source issues more than one card to a first entity. Multiple cards might be issued to the same person (i.e., the first entity) for different uses, or multiple cards might be issued to the same person for use by different individuals (such as family members). In such instances, the TIB can identify which physical card, issued to the first entity, is used for a given transaction. When the TIB is used in this way, the TIB can be used as a customization variable to recognize multiple cards otherwise issued to a single first entity (which might also be a legal entity, such as a corporation).
- The 4-digit Counter Block is unencrypted information provided so that the money source may decrypt and validate the SCN. It may be simply the actual Counter value (incremented after each use), but in the preferred embodiment, it is created by adding the Counter value to a starting value known to both the first entity and to the money source.
- The 4-digit PIN Block is the encrypted information that is used to validate the fact that the SCN originated from the first entity. The PIN Block is formed using the PIN, the SIN, and a starting value known to both the first entity and to the money source. It is encrypted using TDES, which requires use of three 64-bit keys known to both the first entity and to the money source. In order to encrypt such a small number (16 bits) with such a high level of encryption (158 bits), the PIN must first be expanded to a 64 bit number, then encrypted, and finally reduced back to a 16 bit number—and in such a way that it is guaranteed to be different for each transaction.
- The SIN is the product of an LCG random number generator that is initialized with three 2-byte integer seeds—the result of operating the LCG on these seeds is a 2-byte random value. The 8-byte SIN consists of the three seeds plus the random value. As a by-product of its operation, the LCG also produces three new seeds, which will be used for the next iteration of the LCG algorithm. The SIN may therefore be associated with a Counter value that indicates a unique location in the sequence of seeds and value generated by the LCG. This SIN is used as the random basis for each successively TDES-encrypted PIN Block, and guarantees a properly encrypted PIN Block for each transaction. To allow proper validation of the SCN, the Counter value stored in the Counter block is the one associated with the SIN used as the random basis for the PIN Block.
- The creation of the PIN Block starts by dividing the 8-byte SIN into four 2-byte integers. The PIN and a predefined constant value are both added to each individual 2-byte integer. The results are then concatenated back again to form an 8-byte input block to the TDES algorithm, which encrypts them into an 8-byte output block. The output block is then divided back into four 2-byte integers (x1, x2, x3, x4). These four values are then used in the following formula to produce the 4-digit PIN Block value P:
- Formula 1: PRNG Value Calculation
-
P=(Ax1+Bx2+Cx3+Dx4)mod10000 - In this formula, the four values (A,B,C,D) are each odd integers. The “mod” calculation is a standard modulo arithmetic operation, and works as follows: if the resulting number is greater than 10,000 (or 20,000 or 30,000, etc.), then the value of 10,000 (or 20,000 or 30,000, etc.) is subtracted from it, leaving a positive four digit value.
- Once created, the SCN is transmitted along with the first entity identifier from the first entity to the second entity and, subsequently, to the money source. In one embodiment, the SCN is used in an account number that replaces the conventional credit card number, and the first entity identifier is a static 9 digit number pre-assigned to the first entity that is transferred to the money source in a non-account data field. In the case of an electronic swipe credit card transaction, the first entity identifier is dynamically encoded onto
Track 1 and/orTrack 2 of the magnetic stripe in the area known as the Discretionary Data Field, which comprises up to 13 digits of information. In the case of a transaction where the first entity is not present, such as a mail order, telephone order, or Internet order, the first entity identifier is transmitted as part of the Billing Address field in one of many possible forms. For example, it may be entered as “P.O. Box <first-entity-identifier”. - In an especially preferred embodiment, the SCN is not used in an account number to replace the conventional credit card number, but is instead used in conjunction with it—the conventional credit card number itself functions as the first entity identifier, and the SCN is used as a dynamic digital signature to positively identify the first entity and is transferred to the money source in a non-account field of data. In this case, the SCN is transmitted either in the Discretionary Data Field of
Track 1 and/orTrack 2 or via the Billing Address in a card-not-present transaction. - The Money Source validates the SCN by using the first entity identifier to lookup the information necessary to reproduce the PIN Block encryption for the first entity: the TDES keys, the LCG Seeds, and the PIN. The Money source determines the Counter value by examining the Counter Block, reproduces the calculation of the PIN Block, and then compares the results to the received PIN Block to perform the actual validation.
- The Money Source also validates the usage of the SCN based on the embedded TIB. It therefore enforces the various policies based on the first entity's previous transaction history: single-use, multiple-use for single merchant, card-present only.
- In the embodiment when the SCN is used in an account number in place of the conventional credit card number, it passes through the standard credit card transaction life-cycle: initial authorization, potential incremental authorization, potential authorization reversal, settlement, and potential credit/return. However, in an especially preferred embodiment, the SCN is only used for initial authorization—beyond that, the Money Source performs its standard transaction processing.
- The Money Source may detect fraudulent transaction attempts in various ways. In both the embodiment where the SCN replaces the conventional credit card number, the Money Source may check for re-use of single-use SCNs, use of SCNs without first entity identifiers when the card is not present, re-use of multiple-use/single-merchant SCNs at a different merchant, or SCNs with invalid PIN Blocks. Each of these cases represents a different type of fraud. The Money Source may take various actions in response to each of these types of attacks, such as disabling the account after an excessive number of fraudulent transaction attempts, or returning the code indicating that the merchant should retain the credit card being used for the transaction.
- In the preferred embodiment, the Money Source detects fraudulent authorization attempts such as re-use of single-use SCNs, re-use of multiple-use/single-merchant SCNs at a different merchant, SCNs with invalid PIN Blocks, or use of the conventional credit card number on an SCN-enabled account without inclusion of an SCN when the card is not-present. This last case covers simple Internet fraud attempts, but allows, for example, a manual-entry transaction at a POS machine or an imprint transaction. After detecting fraud attempts, the Money Source may take the same types of actions as described above.
- It should be noted that the preferred embodiment allows the SCN, when paired with a conventional credit card number, to be validated by back-end software that is integrated with the issuing money source's authorization and settlement processing. An issuing money source can identify an SCN-enabled credit card account in an issuer-determined fashion (e.g., a unique Bank Identification Number). It then forwards select transaction information to the SCN-enabling software, which is installed behind the issuing money source's firewall, which validates the SCN. This means that software generating the SCN can be allowed operate in isolation—it does not have to be in communication with the back-end software—and thus it can be embedded in a credit card or other standalone device.
- The inventions described above can be implemented by a money source for use with an electronic card. It is preferable that every user account utilizes the same Pseudo Random Number Generator (PRNG), such as the PRNG described in P. L′Ecuyer, “Efficient and Portable Combined Random Number Generators”, Communications of the ACM, 31(6):742-749,774, 1988, the disclosure of which is specifically incorporated herein by reference. However, each cardholder account has a different initial seed, and thus uses a different part of the PRNG sequence. Since the PRNG has an overall period of 10.sup.12, there is ample room for each account to have its own non-repeating subsequence of 10,000 values.
- The PRNG is divided into two parts: seed generation (Formula 2) and value calculation (Formula 3). In these formulas (expressed using C code fragments), the set (S.sub.x.sup.0, S.sub.x.sup.1, S.sub.x.sup.2) is a triplet of five-digit values in the range ([1, 32362], [1, 31726], [1, 31656])), and represents the seed in the x.sup.th location in the sequence. Z is interim storage for the pseudo random number, and PRNG[x] indicates the pseudo random number in the x.sup.th location in the sequence. Note that for the practical usage of this algorithm, “x” corresponds to the current Counter value. For each transaction,
Formula 2 generates the seed (based on the previous seed) andFormula 3 generates the PRNG value. - Formula 2: PRNG Value Calculation
-
Z=Sx0−Sx1; -
if (Z>706)Z=Z−32362; -
Z=Z+Sx2; -
if (Z<1)Z=Z+32362; -
PRNG[x]=Z - Formula 3: PRNG Seed Generation
-
Sx10=(Sx−10*157)mod 32363 -
Sx20=(Sx−11*146)mod 31727 -
Sx2=(Sx−12*142)mod 31657 - In all cases, the initial PRNG seed (which generates
value 0 in the PRNG sequence) is pre-assigned to the card. Additionally, the most recently used seed is stored in Random Access Memory (RAM). Thus, when an SCN must be generated, the card runs through bothFormulas - Since the SCN is calculated in an algorithmic fashion, it is possible to pre-calculate the values for a given first entity, and store them on an electronic card. This embodiment is most useful where it is more advantageous to store a large amount of data on the electronic card than it is to perform the algorithms discussed above.
- Use of the SCN technology described herein is secure when it requires the cardholder to enter a PIN in order to generate a unique SCN that is valid for only one transaction, and for only the specified cardholder. At no time during the transaction is the PIN at risk. By utilizing both encryption and random number generation technologies described herein, it is possible to achieve at least a 99.9% level of protection against fraud.
- Thus, this disclosure teaches a method for providing one or more secure transactions between a first entity and at least one additional entity, comprising the steps of (1) using an electronic card to generate a Secure Card Number (“SCN”) for the first entity, wherein the SCN is comprised of (a) a Transaction Information Block (“TIB”); (b) a Counter Block; and (c) an encrypted Personal Identification Number (“PIN”) Block; (2) transferring the SCN and a first entity identifier to a second entity in a first transaction; (3) transferring the SCN and the first entity identifier from the second entity to a money source; and (4) verifying that the first transaction is valid with the money source by use of the first entity identifier and the SCN; wherein the TIB can be used for invoking one or more restrictions on use of the SCN; and wherein the TIB is used by the money source to determine whether the device which generated the SCN has changed status condition. The changed status condition can be a low battery condition detected by a diagnostic program or by using an empirical record of the number of transactions presented for authorization and determination of the low battery condition can be made by the electronic card which also keeps the empirical record. Alternatively, determination of the low battery condition is made by the money source which the empirical record. The changed status condition can also be an invalid user input status.
- Although the foregoing detailed description is illustrative of preferred embodiments of the present invention, it is to be understood that additional embodiments thereof will be obvious to those skilled in the art. Further modifications are also possible in alternative embodiments without departing from the inventive concept.
- Accordingly, it will be readily apparent to those skilled in the art that still further changes and modifications in the actual concepts described herein can readily be made without departing from the spirit and scope of the disclosed inventions as defined by the following claims.
Claims (64)
1. A method for providing one or more secure transactions between a first entity and at least one additional entity comprising:
(a) receiving a customization parameter from the first entity;
(b) electronically generating an encrypted transaction validation code which positively identifies a transaction for a first entity, the first entity having a first entity identifier;
(c) electronically transferring the validation code and the first entity identifier to a second entity in a first transaction;
(d) electronically transferring the validation code and the first entity identifier from the second entity to a money source;
(e) electronically verifying that the first transaction is valid with the money source by use of the first entity identifier and the validation code; and
(f) customizing the first transaction through use of the customization parameter;
wherein the first entity identifier is transferred to the money source as an account number and the validation code is transferred to the money in a non-account data field.
2. A method, comprising:
(a) receiving an encrypted transaction validation code which positively identifies a first transaction for a first entity, the first entity having a first entity identifier;
(b) receiving a customization parameter for the first transaction;
(c) electronically verifying that the first transaction is valid by use of the first entity identifier and the validation code; and
(d) customizing the first transaction through use of the customization parameter;
wherein the first entity identifier is transferred to a money source as an account number and the validation code is transferred to the money source in a non-account data field.
3. The method as recited in claim 2 , wherein the validation code is formed by using a Triple Data Encryption Standard algorithm (“TEDS”).
4. The method as recited in claim 2 , wherein the customization variable is used to select between a first handling option and a second handling option between the money source and the first entity.
5. The method as recited in claim 4 , wherein the first and the second handling options are mechanisms to bill a first account and a second account and the first account and the second account are two separate accounts.
6. The method as recited in claim 5 , wherein the first entity is sent a single bill for charges to the first account and the second account.
7. The method as recited in claim 6 , wherein the first account is established with a first money source and the second account is established with a second money source and the second money source is different from the first money source.
8. The method as recited in claim 5 , wherein the first account is a credit account and the second account is a credit account.
9. The method as recited in claim 5 , wherein the first entity is sent a first bill for the first account and a separate bill for the second amount.
10. The method as recited in claim 4 , wherein the first and the second handling options are a first and a second mechanism for dealing with distribution of information concerning a plurality of payment card transactions.
11. The method as recited in claim 10 , wherein the first mechanism restricts the distribution from the money source to a third party of information relating to any payment card transaction in which the user payment card number is generated by use of a first user key.
12. The method as recited in claim 10 , wherein the first mechanism restricts the distribution from the money source to a second entity of personal information of the first entity relating to any payment card transaction in which the user payment card number is generated by use of a first user key.
13. The method as recited in claim 11 , wherein the money source receives consideration from the first entity for use of the first mechanism.
14. The method as recited in claim 10 , wherein the second mechanism permits the distribution from the money source to a third party of information relating to any payment card transaction in which the user payment card number is generated by use of a second user key.
15. The method as recited in claim 10 , wherein the second mechanism permits the distribution from the money source to a second entity of personal information of the first entity relating to any payment card transaction in which the user payment card number is generated by use of a second user key.
16. The method as recited in claim 14 , wherein the money source provides the first entity with consideration for use of the second mechanism.
17. The method as recited in claim 4 , wherein the first and the second handling options provide a mechanism for classifying the nature of the plurality of payment card transactions.
18. The method as recited in claim 4 , wherein the first handling option is used for business transactions and the second handling option is used for personal transactions.
19. The method as recited in claim 4 , wherein the first and the second handling options provide a mechanism for identifying either a first user or a second user as the first entity.
20. The method as recited in claim 19 , wherein approval of a payment card transaction for the first user is subject to different restrictions than approval of a payment card transaction for the second user.
21. The method as recited in claim 4 , wherein the first and the second handling options provide a mechanism for controlling what information is reported about the plurality of payment card transactions in a billing statement.
22. The method as recited in claim 2 wherein the money source obtains the customization variable from the validation code.
23. The method as recited in claim 2 wherein the customization variable is received through use of at least one button.
24. A method for providing one or more secure transactions between a first entity and at least one additional entity comprising:
(a) receiving an encrypted transaction validation code which positively identifies a first transaction for a first entity, the first entity having a first entity identifier;
(b) receiving a customization parameter for the first transaction;
(c) electronically verifying that the first transaction is valid by use of the first entity identifier and the validation code; and
(d) customizing the first transaction through use of the customization parameter;
wherein the money source validates the validation code by duplicating the encryption process used to create the validation code and by then comparing the result to the validation code received with the first transaction.
25. The method as recited in claim 24 , wherein the customization variable is used to select between a first handling option and a second handling option between the money source and the first entity.
26. The method as recited in claim 25 , wherein the first and the second handling options are mechanisms to bill a first account and a second account and the first account and the second account are two separate accounts.
27. The method as recited in claim 26 , wherein the first entity is sent a single bill for charges to the first account and the second account.
28. The method as recited in claim 27 , wherein the first account is established with a first money source and the second account is established with a second money source and the second money source is different from the first money source.
29. The method as recited in claim 26 , wherein the first account is a credit account and the second account is a credit account.
30. The method as recited in claim 26 , wherein the first entity is sent a first bill for the first account and a separate bill for the second amount.
31. The method as recited in claim 25 , wherein the first and the second handling options are a first and a second mechanism for dealing with distribution of information concerning a plurality of payment card transactions.
32. The method as recited in claim 31 , wherein the first mechanism restricts the distribution from the money source to a third party of information relating to any payment card transaction in which the user payment card number is generated by use of a first user key.
33. The method as recited in claim 31 , wherein the first mechanism restricts the distribution from the money source to a second entity of personal information of the user relating to any payment card transaction in which the user payment card number is generated by use of a first user key.
34. The method as recited in claim 32 , wherein the money source receives consideration from the first entity for use of the first mechanism.
35. The method as recited in claim 31 , wherein the second mechanism permits the distribution from the money source to a third party of information relating to any payment card transaction in which the user payment card number is generated by use of a second user key.
36. The method as recited in claim 31 , wherein the second mechanism permits the distribution from the money source to a second entity of personal information of the first entity relating to any payment card transaction in which the user payment card number is generated by use of a second user key.
37. The method as recited in claim 35 , wherein the money source provides the user with consideration for use of the second mechanism.
38. The method as recited in claim 25 , wherein the first and second handling options provide a mechanism for classifying the nature of a plurality of payment card transactions.
39. The method as recited in claim 25 , wherein the first handling option is used for business transactions and the second handling option is used for personal transactions.
40. The method as recited in claim 25 , wherein the first and the second handling options provide a mechanism for identifying either a first user or a second user as the first entity.
41. The method as recited in claim 40 , wherein approval of a payment card transaction for the first user is subject to different restrictions than approval of a payment card transaction for the second user.
42. The method as recited in claim 25 , wherein the first and the second handling options provide a mechanism for controlling what information is reported about a plurality of payment card transactions in a billing statement.
43. The method as recited in claim 24 wherein the money source obtains the customization variable from the validation code.
44. A method, comprising:
(a) receiving an encrypted transaction validation code which positively identifies a first transaction for a first entity, the first entity having a first entity identifier;
(b) receiving a customization parameter for the first transaction;
(c) electronically verifying that the first transaction is valid by use of the first entity identifier and the validation code; and
(d) customizing the first transaction through use of the customization parameter;
wherein the validation code is, at least in part, encrypted, and
wherein the money source validates the validation code by duplicating a validation code encryption process and by then comparing the result to the validation code received with the first transaction.
45. The method as recited in claim 44 , wherein the customization variable is used to select between a first handling option and a second handling option between the money source and the first entity.
46. The method as recited in claim 45 , wherein the first and the second handling options are mechanisms to bill a first account and a second account and the first account and the second account are two separate accounts.
47. The method as recited in claim 46 , wherein the first entity is sent a single bill for charges to the first account and the second account.
48. The method as recited in claim 47 , wherein the first account is established with a first money source and the second account is established with a second money source and the second money source is different from the first money source.
49. The method as recited in claim 46 , wherein the first account is a credit account and the second account is a credit account.
50. The method as recited in claim 46 , wherein the first entity is sent a first bill for the first account and a separate bill for the second amount.
51. The method as recited in claim 45 , wherein the first and the second handling options are a first and a second mechanism for dealing with distribution of information concerning a plurality of payment card transactions.
52. The method as recited in claim 51 , wherein the first mechanism restricts the distribution from the money source to a third party of information relating to any payment card transaction in which the user payment card number is generated by use of the first user key.
53. The method as recited in claim 51 , wherein the first mechanism restricts the distribution from the money source to a second entity of personal information of the first entity relating to any payment card transaction in which the user payment card number is generated by use of a first user key.
54. The method as recited in claim 52 , wherein the money source receives consideration from the first entity for use of the first mechanism.
55. The method as recited in claim 51 , wherein the second mechanism permits distribution from the money source to a third party of information relating to any payment card transaction in which the user payment card number is generated by use of a second user key.
56. The method as recited in claim 51 , wherein the second mechanism permits distribution from the money source to a second entity of personal information of the first entity relating to any payment card transaction in which the user payment card number is generated by use of a second user key.
57. The method as recited in claim 55 , wherein the money source provides the user with consideration for use of the second mechanism.
58. The method as recited in claim 45 , wherein the first and second handling options provide a mechanism for classifying the nature of a plurality of payment card transactions.
59. The method as recited in claim 45 , wherein the first handling option is used for business transactions and the second handling option is used for personal transactions.
60. The method as recited in claim 45 , wherein the first and the second handling options provide a mechanism for identifying either a first user or a second user as the first entity.
61. The method as recited in claim 60 , wherein approval of a payment card transaction for the first user is subject to different restrictions than approval of a payment card transaction for the second user.
62. The method as recited in claim 45 , wherein the first and the second handling options provide a mechanism for controlling what information is reported about a plurality of payment card transactions in a billing statement.
63. The method as recited in claim 44 wherein the money source obtains the customization variable from the validation code.
64. The method as recited in claim 44 wherein the customization variable is received through use of at least one button.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/529,713 US20120265689A1 (en) | 2000-05-15 | 2012-06-21 | Methods for Customizing Secured Transactions that are Verified by a Money Source |
Applications Claiming Priority (9)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US09/571,707 US6592044B1 (en) | 2000-05-15 | 2000-05-15 | Anonymous electronic card for generating personal coupons useful in commercial and security transactions |
US61985900A | 2000-07-20 | 2000-07-20 | |
US64004400A | 2000-08-15 | 2000-08-15 | |
US65943400A | 2000-09-08 | 2000-09-08 | |
US66708100A | 2000-09-21 | 2000-09-21 | |
US66708900A | 2000-09-21 | 2000-09-21 | |
US09/960,714 US6805288B2 (en) | 2000-05-15 | 2001-09-21 | Method for generating customer secure card numbers subject to use restrictions by an electronic card |
US10/968,401 US20050086177A1 (en) | 2000-05-15 | 2004-10-18 | Method for customizing payment card transactions at the time of the transactions |
US13/529,713 US20120265689A1 (en) | 2000-05-15 | 2012-06-21 | Methods for Customizing Secured Transactions that are Verified by a Money Source |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/968,401 Continuation US20050086177A1 (en) | 2000-05-15 | 2004-10-18 | Method for customizing payment card transactions at the time of the transactions |
Publications (1)
Publication Number | Publication Date |
---|---|
US20120265689A1 true US20120265689A1 (en) | 2012-10-18 |
Family
ID=34427183
Family Applications (9)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US09/960,714 Expired - Lifetime US6805288B2 (en) | 2000-05-15 | 2001-09-21 | Method for generating customer secure card numbers subject to use restrictions by an electronic card |
US10/968,399 Expired - Fee Related US8191772B2 (en) | 2000-05-15 | 2004-10-18 | Method for generating customer one-time unique purchase order numbers |
US10/968,401 Abandoned US20050086177A1 (en) | 2000-05-15 | 2004-10-18 | Method for customizing payment card transactions at the time of the transactions |
US10/968,402 Expired - Fee Related US7693798B2 (en) | 2000-05-15 | 2004-10-18 | Anonymous merchandise delivery system |
US10/968,398 Expired - Fee Related US7748616B2 (en) | 2000-05-15 | 2004-10-18 | Method for implementing anonymous credit card transactions using a fictitious account name |
US13/438,710 Expired - Fee Related US8690055B2 (en) | 2000-05-15 | 2012-04-03 | Electronic card |
US13/528,062 Abandoned US20120317037A1 (en) | 2000-05-15 | 2012-06-20 | Methods for Providing Secure Transactions |
US13/529,713 Abandoned US20120265689A1 (en) | 2000-05-15 | 2012-06-21 | Methods for Customizing Secured Transactions that are Verified by a Money Source |
US14/188,491 Abandoned US20140231527A1 (en) | 2000-05-15 | 2014-02-24 | Electronic Card |
Family Applications Before (7)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US09/960,714 Expired - Lifetime US6805288B2 (en) | 2000-05-15 | 2001-09-21 | Method for generating customer secure card numbers subject to use restrictions by an electronic card |
US10/968,399 Expired - Fee Related US8191772B2 (en) | 2000-05-15 | 2004-10-18 | Method for generating customer one-time unique purchase order numbers |
US10/968,401 Abandoned US20050086177A1 (en) | 2000-05-15 | 2004-10-18 | Method for customizing payment card transactions at the time of the transactions |
US10/968,402 Expired - Fee Related US7693798B2 (en) | 2000-05-15 | 2004-10-18 | Anonymous merchandise delivery system |
US10/968,398 Expired - Fee Related US7748616B2 (en) | 2000-05-15 | 2004-10-18 | Method for implementing anonymous credit card transactions using a fictitious account name |
US13/438,710 Expired - Fee Related US8690055B2 (en) | 2000-05-15 | 2012-04-03 | Electronic card |
US13/528,062 Abandoned US20120317037A1 (en) | 2000-05-15 | 2012-06-20 | Methods for Providing Secure Transactions |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/188,491 Abandoned US20140231527A1 (en) | 2000-05-15 | 2014-02-24 | Electronic Card |
Country Status (1)
Country | Link |
---|---|
US (9) | US6805288B2 (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130248594A1 (en) * | 2012-03-21 | 2013-09-26 | Sunit SOOM | Multi-function, interactive payment card |
US20170316479A1 (en) * | 2016-04-29 | 2017-11-02 | Bank Of America Corporation | System for user authentication based on linking a randomly generated number to the user and a physical item |
US10268635B2 (en) | 2016-06-17 | 2019-04-23 | Bank Of America Corporation | System for data rotation through tokenization |
Families Citing this family (301)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6131811A (en) | 1998-05-29 | 2000-10-17 | E-Micro Corporation | Wallet consolidator |
US7809642B1 (en) | 1998-06-22 | 2010-10-05 | Jpmorgan Chase Bank, N.A. | Debit purchasing of stored value card for use by and/or delivery to others |
US6615189B1 (en) | 1998-06-22 | 2003-09-02 | Bank One, Delaware, National Association | Debit purchasing of stored value card for use by and/or delivery to others |
US7058817B1 (en) | 1999-07-02 | 2006-06-06 | The Chase Manhattan Bank | System and method for single sign on process for websites with multiple applications and services |
US7321864B1 (en) * | 1999-11-04 | 2008-01-22 | Jpmorgan Chase Bank, N.A. | System and method for providing funding approval associated with a project based on a document collection |
WO2001033477A2 (en) * | 1999-11-04 | 2001-05-10 | Jpmorgan Chase Bank | System and method for automated financial project management |
US8571975B1 (en) | 1999-11-24 | 2013-10-29 | Jpmorgan Chase Bank, N.A. | System and method for sending money via E-mail over the internet |
US8793160B2 (en) | 1999-12-07 | 2014-07-29 | Steve Sorem | System and method for processing transactions |
US6615190B1 (en) * | 2000-02-09 | 2003-09-02 | Bank One, Delaware, National Association | Sponsor funded stored value card |
WO2001069556A2 (en) | 2000-03-15 | 2001-09-20 | Mastercard International Incorporated | Method and system for secure payments over a computer network |
US20050127164A1 (en) * | 2002-03-19 | 2005-06-16 | John Wankmueller | Method and system for conducting a transaction using a proximity device and an identifier |
US20100223186A1 (en) * | 2000-04-11 | 2010-09-02 | Hogan Edward J | Method and System for Conducting Secure Payments |
US6805288B2 (en) | 2000-05-15 | 2004-10-19 | Larry Routhenstein | Method for generating customer secure card numbers subject to use restrictions by an electronic card |
US7426530B1 (en) | 2000-06-12 | 2008-09-16 | Jpmorgan Chase Bank, N.A. | System and method for providing customers with seamless entry to a remote server |
US10185936B2 (en) | 2000-06-22 | 2019-01-22 | Jpmorgan Chase Bank, N.A. | Method and system for processing internet payments |
AU2001285985A1 (en) * | 2000-08-28 | 2002-03-13 | Schlumberger Systemes | Method for providing identification data of a banking card to a user |
US7000001B2 (en) * | 2000-09-12 | 2006-02-14 | Research In Motion Limited | Bookmark beacon system and method |
US7246263B2 (en) * | 2000-09-20 | 2007-07-17 | Jpmorgan Chase Bank | System and method for portal infrastructure tracking |
US8335855B2 (en) * | 2001-09-19 | 2012-12-18 | Jpmorgan Chase Bank, N.A. | System and method for portal infrastructure tracking |
US20020103736A1 (en) * | 2001-01-29 | 2002-08-01 | Webb Steven L. | Method for secure credit card entry into an online database |
US8849716B1 (en) | 2001-04-20 | 2014-09-30 | Jpmorgan Chase Bank, N.A. | System and method for preventing identity theft or misuse by restricting access |
US7313546B2 (en) | 2001-05-23 | 2007-12-25 | Jp Morgan Chase Bank, N.A. | System and method for currency selectable stored value instrument |
US7689506B2 (en) | 2001-06-07 | 2010-03-30 | Jpmorgan Chase Bank, N.A. | System and method for rapid updating of credit information |
US7266839B2 (en) | 2001-07-12 | 2007-09-04 | J P Morgan Chase Bank | System and method for providing discriminated content to network users |
US7860789B2 (en) | 2001-07-24 | 2010-12-28 | Jpmorgan Chase Bank, N.A. | Multiple account advanced payment card and method of routing card transactions |
US8020754B2 (en) | 2001-08-13 | 2011-09-20 | Jpmorgan Chase Bank, N.A. | System and method for funding a collective account by use of an electronic tag |
US7195154B2 (en) * | 2001-09-21 | 2007-03-27 | Privasys, Inc. | Method for generating customer secure card numbers |
US7103576B2 (en) | 2001-09-21 | 2006-09-05 | First Usa Bank, Na | System for providing cardless payment |
US7689504B2 (en) * | 2001-11-01 | 2010-03-30 | Jpmorgan Chase Bank, N.A. | System and method for establishing or modifying an account with user selectable terms |
US7987501B2 (en) | 2001-12-04 | 2011-07-26 | Jpmorgan Chase Bank, N.A. | System and method for single session sign-on |
US7941533B2 (en) * | 2002-02-19 | 2011-05-10 | Jpmorgan Chase Bank, N.A. | System and method for single sign-on session management without central server |
MXPA04008973A (en) * | 2002-03-19 | 2005-02-17 | Mastercard International Inc | Method and system for conducting a transaction using a proximity device. |
US20180165441A1 (en) | 2002-03-25 | 2018-06-14 | Glenn Cobourn Everhart | Systems and methods for multifactor authentication |
US7899753B1 (en) | 2002-03-25 | 2011-03-01 | Jpmorgan Chase Bank, N.A | Systems and methods for time variable financial authentication |
WO2003083619A2 (en) | 2002-03-29 | 2003-10-09 | Bank One, Delaware, N.A. | System and process for performing purchase transaction using tokens |
US7246324B2 (en) * | 2002-05-23 | 2007-07-17 | Jpmorgan Chase Bank | Method and system for data capture with hidden applets |
US7472171B2 (en) * | 2002-06-21 | 2008-12-30 | Jpmorgan Chase Bank, National Association | Method and system for determining receipt of a delayed cookie in a client-server architecture |
US7234065B2 (en) * | 2002-09-17 | 2007-06-19 | Jpmorgan Chase Bank | System and method for managing data privacy |
US7058660B2 (en) * | 2002-10-02 | 2006-06-06 | Bank One Corporation | System and method for network-based project management |
US20040122736A1 (en) | 2002-10-11 | 2004-06-24 | Bank One, Delaware, N.A. | System and method for granting promotional rewards to credit account holders |
US8301493B2 (en) | 2002-11-05 | 2012-10-30 | Jpmorgan Chase Bank, N.A. | System and method for providing incentives to consumers to share information |
JP2004172923A (en) * | 2002-11-20 | 2004-06-17 | Nec Corp | Portable telephone terminal, and pay service restriction method used therefor |
US20040153418A1 (en) * | 2003-02-05 | 2004-08-05 | Hanweck Gerald Alfred | System and method for providing access to data from proprietary tools |
US7100821B2 (en) * | 2003-05-15 | 2006-09-05 | Mehran Randall Rasti | Charge card and debit transactions using a variable charge number |
US8306907B2 (en) | 2003-05-30 | 2012-11-06 | Jpmorgan Chase Bank N.A. | System and method for offering risk-based interest rates in a credit instrument |
US20050055555A1 (en) * | 2003-09-05 | 2005-03-10 | Rao Srinivasan N. | Single sign-on authentication system |
US8190893B2 (en) | 2003-10-27 | 2012-05-29 | Jp Morgan Chase Bank | Portable security transaction protocol |
US7543739B2 (en) * | 2003-12-17 | 2009-06-09 | Qsecure, Inc. | Automated payment card fraud detection and location |
US7584153B2 (en) * | 2004-03-15 | 2009-09-01 | Qsecure, Inc. | Financial transactions with dynamic card verification values |
US7500602B2 (en) * | 2005-02-22 | 2009-03-10 | Gray R O'neal | System for increasing the security of credit and debit cards transactions |
US7337956B2 (en) * | 2004-04-12 | 2008-03-04 | Rearden Capital Corporation | System and method for facilitating the purchase of goods and services |
US7275685B2 (en) * | 2004-04-12 | 2007-10-02 | Rearden Capital Corporation | Method for electronic payment |
US7748617B2 (en) * | 2004-04-12 | 2010-07-06 | Gray R O'neal | Electronic identification system |
US20050269402A1 (en) * | 2004-06-03 | 2005-12-08 | Tyfone, Inc. | System and method for securing financial transactions |
WO2005119608A1 (en) * | 2004-06-03 | 2005-12-15 | Tyfone, Inc. | System and method for securing financial transactions |
US8439271B2 (en) | 2004-07-15 | 2013-05-14 | Mastercard International Incorporated | Method and system using a bitmap for passing contactless payment card transaction variables in standardized data formats |
AU2005274950B2 (en) * | 2004-07-15 | 2010-12-09 | Mastercard International Incorporated | Method and system using a bitmap for passing contactless payment card transaction variables in standardized data formats |
FR2875080B1 (en) * | 2004-09-09 | 2006-10-27 | Gemplus Sa | OPTIMIZED UPDATING OF A DETERMINISTIC VALUE IN A COMMUNICATION DEVICE |
US20060074798A1 (en) * | 2004-09-27 | 2006-04-06 | Din Khaja M | Financial instrument, system, and method for electronic commerce transactions |
US20060080593A1 (en) * | 2004-10-08 | 2006-04-13 | Alexander Hudspith | System and method for generating computer-readable documents |
US8740069B2 (en) * | 2005-01-26 | 2014-06-03 | Heng Kah Choy | Fraud-free payment for internet purchases |
US20060190723A1 (en) * | 2005-02-18 | 2006-08-24 | Jp Morgan Chase Bank | Payload layer security for file transfer |
US7581678B2 (en) | 2005-02-22 | 2009-09-01 | Tyfone, Inc. | Electronic transaction card |
US8226001B1 (en) | 2010-06-23 | 2012-07-24 | Fiteq, Inc. | Method for broadcasting a magnetic stripe data packet from an electronic smart card |
KR20070119051A (en) | 2005-03-26 | 2007-12-18 | 프라이베이시스, 인크. | Electronic financial transaction cards and methods |
US8684267B2 (en) | 2005-03-26 | 2014-04-01 | Privasys | Method for broadcasting a magnetic stripe data packet from an electronic smart card |
US20060226217A1 (en) * | 2005-04-07 | 2006-10-12 | Tyfone, Inc. | Sleeve for electronic transaction card |
KR20080003006A (en) | 2005-04-27 | 2008-01-04 | 프라이베이시스, 인크. | Electronic cards and methods for making same |
US20080035738A1 (en) * | 2005-05-09 | 2008-02-14 | Mullen Jeffrey D | Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card |
US7793851B2 (en) * | 2005-05-09 | 2010-09-14 | Dynamics Inc. | Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card |
US20060265278A1 (en) * | 2005-05-18 | 2006-11-23 | Napster Llc | System and method for censoring randomly generated character strings |
US7401731B1 (en) | 2005-05-27 | 2008-07-22 | Jpmorgan Chase Bank, Na | Method and system for implementing a card product with multiple customized relationships |
US8185877B1 (en) | 2005-06-22 | 2012-05-22 | Jpmorgan Chase Bank, N.A. | System and method for testing applications |
US7805615B2 (en) * | 2005-07-15 | 2010-09-28 | Tyfone, Inc. | Asymmetric cryptography with user authentication |
US8189788B2 (en) * | 2005-07-15 | 2012-05-29 | Tyfone, Inc. | Hybrid symmetric/asymmetric cryptography with user authentication |
US8477940B2 (en) * | 2005-07-15 | 2013-07-02 | Tyfone, Inc. | Symmetric cryptography with user authentication |
US8762263B2 (en) | 2005-09-06 | 2014-06-24 | Visa U.S.A. Inc. | System and method for secured account numbers in proximity devices |
US7210621B2 (en) * | 2005-09-13 | 2007-05-01 | Woronec John S | Secure credit card and method and apparatus for utilizing the same |
US8583926B1 (en) | 2005-09-19 | 2013-11-12 | Jpmorgan Chase Bank, N.A. | System and method for anti-phishing authentication |
US7766225B2 (en) * | 2005-12-30 | 2010-08-03 | Ready Credit Corporation | Issuing a value-bearing card associated with only non-personally identifying information |
US7930754B2 (en) * | 2006-01-18 | 2011-04-19 | International Business Machines Corporation | Method for concealing user identities on computer systems through the use of temporary aliases |
US7784682B2 (en) | 2006-02-08 | 2010-08-31 | Jpmorgan Chase Bank, N.A. | System and method for granting promotional rewards to both customers and non-customers |
US8408455B1 (en) | 2006-02-08 | 2013-04-02 | Jpmorgan Chase Bank, N.A. | System and method for granting promotional rewards to both customers and non-customers |
US7753259B1 (en) | 2006-04-13 | 2010-07-13 | Jpmorgan Chase Bank, N.A. | System and method for granting promotional rewards to both customers and non-customers |
US9466057B2 (en) * | 2006-05-04 | 2016-10-11 | First Data Corporation | RF presentation instrument with sensor control |
US7966263B2 (en) * | 2006-05-04 | 2011-06-21 | First Data Corporation | Wireless phone RF presentation instrument with sensor control |
US8793490B1 (en) | 2006-07-14 | 2014-07-29 | Jpmorgan Chase Bank, N.A. | Systems and methods for multifactor authentication |
WO2008013945A2 (en) * | 2006-07-27 | 2008-01-31 | Leverage, Inc. | System and method for targeted marketing and consumer resource management |
US20180300707A1 (en) * | 2006-09-15 | 2018-10-18 | Jean-Yves Rossi | Payment method and systems |
EP2074569A2 (en) * | 2006-09-15 | 2009-07-01 | ROSSI, Jean-Yves | Payment method and systems |
US8118223B2 (en) * | 2006-09-28 | 2012-02-21 | Visa U.S.A. Inc. | Smart sign mobile transit fare payment |
US20080208681A1 (en) * | 2006-09-28 | 2008-08-28 | Ayman Hammad | Payment using a mobile device |
US8386349B2 (en) * | 2007-02-28 | 2013-02-26 | Visa U.S.A. Inc. | Verification of a portable consumer device in an offline environment |
US8346639B2 (en) * | 2007-02-28 | 2013-01-01 | Visa U.S.A. Inc. | Authentication of a data card using a transit verification value |
US8738485B2 (en) | 2007-12-28 | 2014-05-27 | Visa U.S.A. Inc. | Contactless prepaid product for transit fare collection |
US7527208B2 (en) * | 2006-12-04 | 2009-05-05 | Visa U.S.A. Inc. | Bank issued contactless payment card used in transit fare collection |
US8523069B2 (en) | 2006-09-28 | 2013-09-03 | Visa U.S.A. Inc. | Mobile transit fare payment |
US20080086765A1 (en) * | 2006-10-05 | 2008-04-10 | Microsoft Corporation | Issuance privacy |
US7991692B2 (en) * | 2006-10-09 | 2011-08-02 | First Data Corporation | Electronic payment instrument and packaging |
US7991158B2 (en) * | 2006-12-13 | 2011-08-02 | Tyfone, Inc. | Secure messaging |
US20090187507A1 (en) * | 2006-12-20 | 2009-07-23 | Brown Kerry D | Secure financial transaction network |
US9779556B1 (en) | 2006-12-27 | 2017-10-03 | Stamps.Com Inc. | System and method for identifying and preventing on-line fraud |
US9785984B2 (en) * | 2007-02-27 | 2017-10-10 | Emigrant Bank | Method and system of facilitating a purchase between a buyer and a seller |
US8473735B1 (en) | 2007-05-17 | 2013-06-25 | Jpmorgan Chase | Systems and methods for managing digital certificates |
US20080296368A1 (en) * | 2007-06-04 | 2008-12-04 | Newsom Victor V | Stored-value instrument protection system and method |
US8326758B2 (en) * | 2007-08-06 | 2012-12-04 | Enpulz, L.L.C. | Proxy card representing many monetary sources from a plurality of vendors |
US20090106058A1 (en) * | 2007-10-17 | 2009-04-23 | Yahoo! Inc. | Assessing ad value |
US8417601B1 (en) | 2007-10-18 | 2013-04-09 | Jpmorgan Chase Bank, N.A. | Variable rate payment card |
US8157178B2 (en) | 2007-10-19 | 2012-04-17 | First Data Corporation | Manufacturing system to produce contactless devices with switches |
US8812401B2 (en) * | 2007-11-20 | 2014-08-19 | Propay Usa Inc. | Secure payment capture processes |
US9741027B2 (en) | 2007-12-14 | 2017-08-22 | Tyfone, Inc. | Memory card based contactless devices |
US10579920B2 (en) * | 2007-12-24 | 2020-03-03 | Dynamics Inc. | Systems and methods for programmable payment cards and devices with loyalty-based payment applications |
US8321682B1 (en) | 2008-01-24 | 2012-11-27 | Jpmorgan Chase Bank, N.A. | System and method for generating and managing administrator passwords |
US8078528B1 (en) | 2008-02-21 | 2011-12-13 | Jpmorgan Chase Bank, N.A. | System and method for providing borrowing schemes |
US20090240620A1 (en) * | 2008-03-24 | 2009-09-24 | Propay Usa, Inc. | Secure payment system |
US7885878B2 (en) | 2008-05-28 | 2011-02-08 | First Data Corporation | Systems and methods of payment account activation |
US8069121B2 (en) * | 2008-08-04 | 2011-11-29 | ProPay Inc. | End-to-end secure payment processes |
US7961101B2 (en) | 2008-08-08 | 2011-06-14 | Tyfone, Inc. | Small RFID card with integrated inductive element |
US8451122B2 (en) | 2008-08-08 | 2013-05-28 | Tyfone, Inc. | Smartcard performance enhancement circuits and systems |
US8447669B2 (en) | 2008-08-26 | 2013-05-21 | Visa U.S.A. Inc. | System and method for implementing financial assistance programs |
US20100051686A1 (en) * | 2008-08-29 | 2010-03-04 | Covenant Visions International Limited | System and method for authenticating a transaction using a one-time pass code (OTPK) |
US8579203B1 (en) | 2008-12-19 | 2013-11-12 | Dynamics Inc. | Electronic magnetic recorded media emulators in magnetic card devices |
US10037524B2 (en) * | 2009-01-22 | 2018-07-31 | First Data Corporation | Dynamic primary account number (PAN) and unique key per card |
US10628881B2 (en) | 2009-01-22 | 2020-04-21 | First Data Corporation | Processing transactions with an extended application ID and dynamic cryptograms |
US10354321B2 (en) | 2009-01-22 | 2019-07-16 | First Data Corporation | Processing transactions with an extended application ID and dynamic cryptograms |
WO2010099093A1 (en) | 2009-02-24 | 2010-09-02 | Tyfone, Inc. | Contactless device with miniaturized antenna |
US8931703B1 (en) | 2009-03-16 | 2015-01-13 | Dynamics Inc. | Payment cards and devices for displaying barcodes |
US8622309B1 (en) | 2009-04-06 | 2014-01-07 | Dynamics Inc. | Payment cards and devices with budgets, parental controls, and virtual accounts |
US9329619B1 (en) | 2009-04-06 | 2016-05-03 | Dynamics Inc. | Cards with power management |
US8066191B1 (en) | 2009-04-06 | 2011-11-29 | Dynamics Inc. | Cards and assemblies with user interfaces |
US8320962B2 (en) | 2009-06-05 | 2012-11-27 | Visa International Service Association | Contactless disablement |
US8393545B1 (en) | 2009-06-23 | 2013-03-12 | Dynamics Inc. | Cards deployed with inactivated products for activation |
US9608826B2 (en) | 2009-06-29 | 2017-03-28 | Jpmorgan Chase Bank, N.A. | System and method for partner key management |
US8511574B1 (en) | 2009-08-17 | 2013-08-20 | Dynamics Inc. | Advanced loyalty applications for powered cards and devices |
US9306666B1 (en) | 2009-10-08 | 2016-04-05 | Dynamics Inc. | Programming protocols for powered cards and devices |
US8727219B1 (en) | 2009-10-12 | 2014-05-20 | Dynamics Inc. | Magnetic stripe track signal having multiple communications channels |
US8523059B1 (en) | 2009-10-20 | 2013-09-03 | Dynamics Inc. | Advanced payment options for powered cards and devices |
US8393546B1 (en) | 2009-10-25 | 2013-03-12 | Dynamics Inc. | Games, prizes, and entertainment for powered cards and devices |
EP2502192A2 (en) * | 2009-11-18 | 2012-09-26 | Magid Joseph Mina | Anonymous transaction payment systems and methods |
US10049356B2 (en) | 2009-12-18 | 2018-08-14 | First Data Corporation | Authentication of card-not-present transactions |
US8602312B2 (en) | 2010-02-16 | 2013-12-10 | Dynamics Inc. | Systems and methods for drive circuits for dynamic magnetic stripe communications devices |
US8348172B1 (en) | 2010-03-02 | 2013-01-08 | Dynamics Inc. | Systems and methods for detection mechanisms for magnetic cards and devices |
US10693263B1 (en) | 2010-03-16 | 2020-06-23 | Dynamics Inc. | Systems and methods for audio connectors for powered cards and devices |
US10504105B2 (en) | 2010-05-18 | 2019-12-10 | Dynamics Inc. | Systems and methods for cards and devices operable to communicate to touch sensitive displays |
CN101872507B (en) * | 2010-06-12 | 2012-10-10 | 武汉天喻信息产业股份有限公司 | Data safe transmission method for mobile payment |
US8317103B1 (en) | 2010-06-23 | 2012-11-27 | FiTeq | Method for broadcasting a magnetic stripe data packet from an electronic smart card |
USD652075S1 (en) | 2010-07-02 | 2012-01-10 | Dynamics Inc. | Multiple button interactive electronic card |
USD652449S1 (en) | 2010-07-02 | 2012-01-17 | Dynamics Inc. | Multiple button interactive electronic card |
USD672389S1 (en) | 2010-07-02 | 2012-12-11 | Dynamics Inc. | Multiple button interactive electronic card with light sources |
USD670759S1 (en) | 2010-07-02 | 2012-11-13 | Dynamics Inc. | Multiple button interactive electronic card with light sources |
USD674013S1 (en) | 2010-07-02 | 2013-01-08 | Dynamics Inc. | Multiple button interactive electronic card with light sources |
USD652867S1 (en) | 2010-07-02 | 2012-01-24 | Dynamics Inc. | Multiple button interactive electronic card |
USD652448S1 (en) | 2010-07-02 | 2012-01-17 | Dynamics Inc. | Multiple button interactive electronic card |
USD687094S1 (en) | 2010-07-02 | 2013-07-30 | Dynamics Inc. | Multiple button interactive electronic card with light sources |
USD652450S1 (en) | 2010-07-09 | 2012-01-17 | Dynamics Inc. | Multiple button interactive electronic card |
USD651644S1 (en) | 2010-07-09 | 2012-01-03 | Dynamics Inc. | Interactive electronic card with display |
USD792511S1 (en) | 2010-07-09 | 2017-07-18 | Dynamics Inc. | Display with font |
USD665022S1 (en) | 2010-07-09 | 2012-08-07 | Dynamics Inc. | Multiple button interactive electronic card with light source |
USD792513S1 (en) | 2010-07-09 | 2017-07-18 | Dynamics Inc. | Display with font |
USD653288S1 (en) | 2010-07-09 | 2012-01-31 | Dynamics Inc. | Multiple button interactive electronic card |
USD666241S1 (en) | 2010-07-09 | 2012-08-28 | Dynamics Inc. | Multiple button interactive electronic card with light source |
USD652076S1 (en) | 2010-07-09 | 2012-01-10 | Dynamics Inc. | Multiple button interactive electronic card with display |
USD792512S1 (en) | 2010-07-09 | 2017-07-18 | Dynamics Inc. | Display with font |
USD665447S1 (en) | 2010-07-09 | 2012-08-14 | Dynamics Inc. | Multiple button interactive electronic card with light source and display |
USD651237S1 (en) | 2010-07-09 | 2011-12-27 | Dynamics Inc. | Interactive electronic card with display |
USD643063S1 (en) | 2010-07-09 | 2011-08-09 | Dynamics Inc. | Interactive electronic card with display |
USD651238S1 (en) | 2010-07-09 | 2011-12-27 | Dynamics Inc. | Interactive electronic card with display |
US8322623B1 (en) | 2010-07-26 | 2012-12-04 | Dynamics Inc. | Systems and methods for advanced card printing |
US9818125B2 (en) | 2011-02-16 | 2017-11-14 | Dynamics Inc. | Systems and methods for information exchange mechanisms for powered cards and devices |
US9053398B1 (en) | 2010-08-12 | 2015-06-09 | Dynamics Inc. | Passive detection mechanisms for magnetic cards and devices |
US10055614B1 (en) | 2010-08-12 | 2018-08-21 | Dynamics Inc. | Systems and methods for advanced detection mechanisms for magnetic cards and devices |
US10022884B1 (en) | 2010-10-15 | 2018-07-17 | Dynamics Inc. | Systems and methods for alignment techniques for magnetic cards and devices |
US8561894B1 (en) | 2010-10-20 | 2013-10-22 | Dynamics Inc. | Powered cards and devices designed, programmed, and deployed from a kiosk |
US20120123924A1 (en) | 2010-10-20 | 2012-05-17 | Mark Rose | Virtual currency configuration apparatuses, methods and systems |
US9646240B1 (en) | 2010-11-05 | 2017-05-09 | Dynamics Inc. | Locking features for powered cards and devices |
WO2012078810A2 (en) * | 2010-12-07 | 2012-06-14 | Groupon Zappedy, Inc. | Method and system for credit card holder identification |
US8567679B1 (en) | 2011-01-23 | 2013-10-29 | Dynamics Inc. | Cards and devices with embedded holograms |
US10095970B1 (en) | 2011-01-31 | 2018-10-09 | Dynamics Inc. | Cards including anti-skimming devices |
US10204327B2 (en) | 2011-02-05 | 2019-02-12 | Visa International Service Association | Merchant-consumer bridging platform apparatuses, methods and systems |
WO2012109628A2 (en) | 2011-02-10 | 2012-08-16 | Visa International Service Assocation | Electronic coupon issuance and redemption apparatuses, methods and systems |
US10586227B2 (en) | 2011-02-16 | 2020-03-10 | Visa International Service Association | Snap mobile payment apparatuses, methods and systems |
WO2012112822A2 (en) | 2011-02-16 | 2012-08-23 | Visa International Service Association | Snap mobile payment apparatuses, methods and systems |
SG193510A1 (en) | 2011-02-22 | 2013-10-30 | Visa Int Service Ass | Universal electronic payment apparatuses, methods and systems |
AU2012223415B2 (en) | 2011-02-28 | 2017-05-18 | Visa International Service Association | Secure anonymous transaction apparatuses, methods and systems |
US9836680B1 (en) | 2011-03-03 | 2017-12-05 | Dynamics Inc. | Systems and methods for advanced communication mechanisms for magnetic cards and devices |
WO2012122060A1 (en) | 2011-03-04 | 2012-09-13 | Visa International Service Association | Cloud service facilitator apparatuses, methods and systems |
US8485446B1 (en) | 2011-03-28 | 2013-07-16 | Dynamics Inc. | Shielded magnetic stripe for magnetic cards and devices |
CA2835508A1 (en) | 2011-05-10 | 2012-11-15 | Dynamics Inc. | Systems, devices, and methods for mobile payment acceptance, mobile authorizations, mobile wallets, and contactless communication mechanisms |
WO2012155081A1 (en) | 2011-05-11 | 2012-11-15 | Visa International Service Association | Electronic receipt manager apparatuses, methods and systems |
USD670332S1 (en) | 2011-05-12 | 2012-11-06 | Dynamics Inc. | Interactive card |
USD670331S1 (en) | 2011-05-12 | 2012-11-06 | Dynamics Inc. | Interactive display card |
USD676904S1 (en) | 2011-05-12 | 2013-02-26 | Dynamics Inc. | Interactive display card |
USD670330S1 (en) | 2011-05-12 | 2012-11-06 | Dynamics Inc. | Interactive card |
USD670329S1 (en) | 2011-05-12 | 2012-11-06 | Dynamics Inc. | Interactive display card |
US8628022B1 (en) | 2011-05-23 | 2014-01-14 | Dynamics Inc. | Systems and methods for sensor mechanisms for magnetic cards and devices |
US8577803B2 (en) | 2011-06-03 | 2013-11-05 | Visa International Service Association | Virtual wallet card selection apparatuses, methods and systems |
US10121129B2 (en) | 2011-07-05 | 2018-11-06 | Visa International Service Association | Electronic wallet checkout platform apparatuses, methods and systems |
US9582598B2 (en) | 2011-07-05 | 2017-02-28 | Visa International Service Association | Hybrid applications utilizing distributed models and views apparatuses, methods and systems |
US9355393B2 (en) | 2011-08-18 | 2016-05-31 | Visa International Service Association | Multi-directional wallet connector apparatuses, methods and systems |
US20130018779A1 (en) * | 2011-07-14 | 2013-01-17 | Bank Of America Corporation | Alias-based merchant transaction system |
US10438176B2 (en) | 2011-07-17 | 2019-10-08 | Visa International Service Association | Multiple merchant payment processor platform apparatuses, methods and systems |
US8827153B1 (en) | 2011-07-18 | 2014-09-09 | Dynamics Inc. | Systems and methods for waveform generation for dynamic magnetic stripe communications devices |
CN102904664A (en) * | 2011-07-27 | 2013-01-30 | 国民技术股份有限公司 | Anti-interference communication system and anti-interference method |
US9710807B2 (en) | 2011-08-18 | 2017-07-18 | Visa International Service Association | Third-party value added wallet features and interfaces apparatuses, methods and systems |
US10825001B2 (en) | 2011-08-18 | 2020-11-03 | Visa International Service Association | Multi-directional wallet connector apparatuses, methods and systems |
US10318941B2 (en) | 2011-12-13 | 2019-06-11 | Visa International Service Association | Payment platform interface widget generation apparatuses, methods and systems |
US10242358B2 (en) | 2011-08-18 | 2019-03-26 | Visa International Service Association | Remote decoupled application persistent state apparatuses, methods and systems |
US8768830B1 (en) | 2011-09-08 | 2014-07-01 | Citibank, N.A. | Method and system for a multi-purpose transactional platform |
US9117225B2 (en) | 2011-09-16 | 2015-08-25 | Visa International Service Association | Apparatuses, methods and systems for transforming user infrastructure requests inputs to infrastructure design product and infrastructure allocation outputs |
US10223730B2 (en) | 2011-09-23 | 2019-03-05 | Visa International Service Association | E-wallet store injection search apparatuses, methods and systems |
US11551046B1 (en) | 2011-10-19 | 2023-01-10 | Dynamics Inc. | Stacked dynamic magnetic stripe commmunications device for magnetic cards and devices |
US11409971B1 (en) | 2011-10-23 | 2022-08-09 | Dynamics Inc. | Programming and test modes for powered cards and devices |
US20130104197A1 (en) * | 2011-10-23 | 2013-04-25 | Gopal Nandakumar | Authentication system |
US9619741B1 (en) | 2011-11-21 | 2017-04-11 | Dynamics Inc. | Systems and methods for synchronization mechanisms for magnetic cards and devices |
US8960545B1 (en) | 2011-11-21 | 2015-02-24 | Dynamics Inc. | Data modification for magnetic cards and devices |
WO2013090611A2 (en) | 2011-12-13 | 2013-06-20 | Visa International Service Association | Dynamic widget generator apparatuses, methods and systems |
US9953378B2 (en) | 2012-04-27 | 2018-04-24 | Visa International Service Association | Social checkout widget generation and integration apparatuses, methods and systems |
US10223710B2 (en) | 2013-01-04 | 2019-03-05 | Visa International Service Association | Wearable intelligent vision device apparatuses, methods and systems |
US10262148B2 (en) | 2012-01-09 | 2019-04-16 | Visa International Service Association | Secure dynamic page content and layouts apparatuses, methods and systems |
US11308227B2 (en) | 2012-01-09 | 2022-04-19 | Visa International Service Association | Secure dynamic page content and layouts apparatuses, methods and systems |
AU2013214801B2 (en) | 2012-02-02 | 2018-06-21 | Visa International Service Association | Multi-source, multi-dimensional, cross-entity, multimedia database platform apparatuses, methods and systems |
US9064194B1 (en) | 2012-02-03 | 2015-06-23 | Dynamics Inc. | Systems and methods for spike suppression for dynamic magnetic stripe communications devices |
US9710745B1 (en) | 2012-02-09 | 2017-07-18 | Dynamics Inc. | Systems and methods for automated assembly of dynamic magnetic stripe communications devices |
US8888009B1 (en) | 2012-02-14 | 2014-11-18 | Dynamics Inc. | Systems and methods for extended stripe mechanisms for magnetic cards and devices |
US9916992B2 (en) | 2012-02-20 | 2018-03-13 | Dynamics Inc. | Systems and methods for flexible components for powered cards and devices |
US9734669B1 (en) | 2012-04-02 | 2017-08-15 | Dynamics Inc. | Cards, devices, systems, and methods for advanced payment game of skill and game of chance functionality |
US11961147B1 (en) | 2012-04-15 | 2024-04-16 | K. Shane Cupp | Cards, devices, systems, and methods for financial management services |
US11418483B1 (en) | 2012-04-19 | 2022-08-16 | Dynamics Inc. | Cards, devices, systems, and methods for zone-based network management |
US9033218B1 (en) | 2012-05-15 | 2015-05-19 | Dynamics Inc. | Cards, devices, systems, methods and dynamic security codes |
US9064195B2 (en) | 2012-06-29 | 2015-06-23 | Dynamics Inc. | Multiple layer card circuit boards |
US20140052564A1 (en) * | 2012-08-17 | 2014-02-20 | Robb Lewis | Notarized Game Card and Achievement Card |
USD673606S1 (en) | 2012-08-27 | 2013-01-01 | Dynamics Inc. | Interactive electronic card with display and buttons |
USD688744S1 (en) | 2012-08-27 | 2013-08-27 | Dynamics Inc. | Interactive electronic card with display and button |
USD695636S1 (en) | 2012-08-27 | 2013-12-17 | Dynamics Inc. | Interactive electronic card with display and buttons |
USD675256S1 (en) | 2012-08-27 | 2013-01-29 | Dynamics Inc. | Interactive electronic card with display and button |
USD687487S1 (en) | 2012-08-27 | 2013-08-06 | Dynamics Inc. | Interactive electronic card with display and button |
USD687488S1 (en) | 2012-08-27 | 2013-08-06 | Dynamics Inc. | Interactive electronic card with buttons |
USD729870S1 (en) | 2012-08-27 | 2015-05-19 | Dynamics Inc. | Interactive electronic card with display and button |
USD687887S1 (en) | 2012-08-27 | 2013-08-13 | Dynamics Inc. | Interactive electronic card with buttons |
USD730439S1 (en) | 2012-08-27 | 2015-05-26 | Dynamics Inc. | Interactive electronic card with buttons |
USD692053S1 (en) | 2012-08-27 | 2013-10-22 | Dynamics Inc. | Interactive electronic card with display and button |
USD729869S1 (en) | 2012-08-27 | 2015-05-19 | Dynamics Inc. | Interactive electronic card with display and button |
USD687490S1 (en) | 2012-08-27 | 2013-08-06 | Dynamics Inc. | Interactive electronic card with display and button |
USD694322S1 (en) | 2012-08-27 | 2013-11-26 | Dynamics Inc. | Interactive electronic card with display buttons |
USD687489S1 (en) | 2012-08-27 | 2013-08-06 | Dynamics Inc. | Interactive electronic card with buttons |
USD676487S1 (en) | 2012-08-27 | 2013-02-19 | Dynamics Inc. | Interactive electronic card with display and buttons |
USD828870S1 (en) | 2012-08-27 | 2018-09-18 | Dynamics Inc. | Display card |
USD730438S1 (en) | 2012-08-27 | 2015-05-26 | Dynamics Inc. | Interactive electronic card with display and button |
USD687095S1 (en) | 2012-08-27 | 2013-07-30 | Dynamics Inc. | Interactive electronic card with buttons |
USD729871S1 (en) | 2012-08-27 | 2015-05-19 | Dynamics Inc. | Interactive electronic card with display and buttons |
US11995642B1 (en) | 2012-09-05 | 2024-05-28 | Dynamics Inc. | Cards, devices, systems, and methods for a notification system |
US11126997B1 (en) | 2012-10-02 | 2021-09-21 | Dynamics Inc. | Cards, devices, systems, and methods for a fulfillment system |
US9010647B2 (en) | 2012-10-29 | 2015-04-21 | Dynamics Inc. | Multiple sensor detector systems and detection methods of magnetic cards and devices |
CN102930645A (en) * | 2012-11-04 | 2013-02-13 | 张仁平 | System for maintaining bank card account safety by using dynamic password card |
US9659246B1 (en) | 2012-11-05 | 2017-05-23 | Dynamics Inc. | Dynamic magnetic stripe communications device with beveled magnetic material for magnetic cards and devices |
US9010644B1 (en) | 2012-11-30 | 2015-04-21 | Dynamics Inc. | Dynamic magnetic stripe communications device with stepped magnetic material for magnetic cards and devices |
US10949627B2 (en) | 2012-12-20 | 2021-03-16 | Dynamics Inc. | Systems and methods for non-time smearing detection mechanisms for magnetic cards and devices |
US20140239068A1 (en) * | 2013-02-22 | 2014-08-28 | John Chowhan Park | Credit card with alterable id/security features |
USD750168S1 (en) | 2013-03-04 | 2016-02-23 | Dynamics Inc. | Interactive electronic card with display and button |
USD751640S1 (en) | 2013-03-04 | 2016-03-15 | Dynamics Inc. | Interactive electronic card with display and button |
USD765174S1 (en) | 2013-03-04 | 2016-08-30 | Dynamics Inc. | Interactive electronic card with button |
USD750166S1 (en) | 2013-03-04 | 2016-02-23 | Dynamics Inc. | Interactive electronic card with display and buttons |
USD751639S1 (en) | 2013-03-04 | 2016-03-15 | Dynamics Inc. | Interactive electronic card with display and button |
USD765173S1 (en) | 2013-03-04 | 2016-08-30 | Dynamics Inc. | Interactive electronic card with display and button |
USD764584S1 (en) | 2013-03-04 | 2016-08-23 | Dynamics Inc. | Interactive electronic card with buttons |
USD750167S1 (en) | 2013-03-04 | 2016-02-23 | Dynamics Inc. | Interactive electronic card with buttons |
USD777252S1 (en) | 2013-03-04 | 2017-01-24 | Dynamics Inc. | Interactive electronic card with buttons |
US20160148194A1 (en) * | 2013-03-14 | 2016-05-26 | Nagraid Security, Inc. | Radio Frequency Powered Smart, Debit and Credit Card System Employing a Light Sensor to Enable Authorized Transactions |
US9419957B1 (en) | 2013-03-15 | 2016-08-16 | Jpmorgan Chase Bank, N.A. | Confidence-based authentication |
US9022286B2 (en) | 2013-03-15 | 2015-05-05 | Virtual Electric, Inc. | Multi-functional credit card type portable electronic device |
RU2695533C2 (en) | 2013-04-12 | 2019-07-23 | Кардлаб Апс | Offset field map |
CN105264549B (en) | 2013-04-12 | 2018-09-18 | 卡德赖博私人有限公司 | The method of method and output information that card, component, group are loaded |
US8690054B1 (en) | 2013-05-29 | 2014-04-08 | The Toronto-Dominion Bank | System and method for chip-enabled card transaction processing and alert communication |
CN103413238A (en) * | 2013-08-30 | 2013-11-27 | 苏州跨界软件科技有限公司 | System for providing discount coupons randomly |
USD737373S1 (en) | 2013-09-10 | 2015-08-25 | Dynamics Inc. | Interactive electronic card with contact connector |
USD767024S1 (en) | 2013-09-10 | 2016-09-20 | Dynamics Inc. | Interactive electronic card with contact connector |
US10769613B1 (en) * | 2013-10-22 | 2020-09-08 | Ondot Systems, Inc | Delegate cards |
US10148726B1 (en) | 2014-01-24 | 2018-12-04 | Jpmorgan Chase Bank, N.A. | Initiating operating system commands based on browser cookies |
US9225689B2 (en) * | 2014-02-28 | 2015-12-29 | Sap Se | Hardware security agent for network communications |
US10108891B1 (en) | 2014-03-21 | 2018-10-23 | Dynamics Inc. | Exchange coupled amorphous ribbons for electronic stripes |
US20150371183A1 (en) * | 2014-06-20 | 2015-12-24 | United Parcel Service Of America, Inc. | Systems and methods for confidential shipping |
EP3035230A1 (en) | 2014-12-19 | 2016-06-22 | Cardlab ApS | A method and an assembly for generating a magnetic field |
WO2016097372A1 (en) | 2014-12-19 | 2016-06-23 | Cardlab Aps | A method and an assembly for generating a magnetic field and a method of manufacturing an assembly |
CN105825371A (en) * | 2015-01-07 | 2016-08-03 | 阿里巴巴集团控股有限公司 | Method and device for processing service |
US11216468B2 (en) | 2015-02-08 | 2022-01-04 | Visa International Service Association | Converged merchant processing apparatuses, methods and systems |
CN105989511B (en) * | 2015-02-09 | 2022-04-15 | 创新先进技术有限公司 | Service implementation method and device |
CN106161374A (en) | 2015-04-13 | 2016-11-23 | 阿里巴巴集团控股有限公司 | The exchange method of order data and server |
CN106157079A (en) | 2015-04-13 | 2016-11-23 | 阿里巴巴集团控股有限公司 | The exchange method of order data and server |
CN106161807A (en) | 2015-04-13 | 2016-11-23 | 阿里巴巴集团控股有限公司 | Communication means and server |
EP3082071A1 (en) | 2015-04-17 | 2016-10-19 | Cardlab ApS | Device for and method of outputting a magnetic field |
US20160371685A1 (en) * | 2015-06-16 | 2016-12-22 | Ned M. Smith | System, apparatus and method for providing randomly generated codes in a user anonymous manner |
US10728043B2 (en) | 2015-07-21 | 2020-07-28 | Entrust, Inc. | Method and apparatus for providing secure communication among constrained devices |
US9652644B2 (en) * | 2015-07-29 | 2017-05-16 | Palo Alto Research Center Incorporated | Printable, writeable article for tracking counterfeit and diverted products |
US10032049B2 (en) | 2016-02-23 | 2018-07-24 | Dynamics Inc. | Magnetic cards and devices for motorized readers |
FR3058814B1 (en) * | 2016-11-15 | 2019-10-25 | Ingenico Group | METHOD FOR PROCESSING TRANSACTIONAL DATA, COMMUNICATION TERMINAL, CARD READER AND CORRESPONDING PROGRAM. |
CN107682571B (en) * | 2017-08-31 | 2019-09-03 | 携程旅游信息技术(上海)有限公司 | Change the means of communication, system, equipment and the storage medium of base number |
CN108829650B (en) * | 2018-06-01 | 2022-08-23 | 腾讯科技(北京)有限公司 | Card number generation method, device, server and storage medium |
US10747658B2 (en) * | 2018-11-19 | 2020-08-18 | Paypal, Inc. | Systems and methods for testing online use-case scenarios in a staging environment |
US11244312B2 (en) * | 2019-11-13 | 2022-02-08 | Bank Of America Corporation | One-time abstraction coding for resource deployment |
US11631078B2 (en) | 2020-04-13 | 2023-04-18 | Capital One Services, Llc | System and method for obfuscating transaction information |
TR202020153A2 (en) * | 2020-12-09 | 2021-04-21 | Ahmet Tahsin Oezarslan | Payment system and method with shopping ID number |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050086177A1 (en) * | 2000-05-15 | 2005-04-21 | Anderson Roy L. | Method for customizing payment card transactions at the time of the transactions |
Family Cites Families (194)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US3665161A (en) | 1969-10-20 | 1972-05-23 | Day Albert J | Card readout system |
US4314352A (en) | 1972-04-12 | 1982-02-02 | Docutel Corporation | Banking machine |
US3845277A (en) | 1972-09-01 | 1974-10-29 | Mosler Safe Co | Off-line cash dispenser and banking system |
US4253017A (en) | 1978-05-31 | 1981-02-24 | Whitehead Edwin N | Magnetically coded identification card |
FR2311365A1 (en) | 1975-05-13 | 1976-12-10 | Innovation Ste Int | SYSTEM FOR TRANSFERRING AND STORING DATA IN A PERSONAL AND CONFIDENTIAL WAY BY MEANS OF PORTABLE INDEPENDENT ELECTRONIC OBJECTS |
US4016405A (en) | 1975-06-09 | 1977-04-05 | Diebold, Incorporated | Card validation, method and system |
US4214230A (en) * | 1978-01-19 | 1980-07-22 | Rolf Blom | Personal identification system |
US4234932A (en) | 1978-09-05 | 1980-11-18 | Honeywell Information Systems Inc. | Security system for remote cash dispensers |
JPS55143679A (en) | 1979-04-24 | 1980-11-10 | Nec Corp | Credit number verification system |
JPS5710869A (en) | 1980-06-24 | 1982-01-20 | Omron Tateisi Electronics Co | Fault processing method of automatic transaction processing equipment |
US4390968A (en) | 1980-12-30 | 1983-06-28 | Honeywell Information Systems Inc. | Automated bank transaction security system |
US4443027A (en) | 1981-07-29 | 1984-04-17 | Mcneely Maurice G | Multiple company credit card system |
US4458142A (en) | 1981-10-07 | 1984-07-03 | Hecon Corporation | Programmed electronic keycorder unit |
US4437130A (en) | 1981-12-18 | 1984-03-13 | Hennessy John Brian | Cassette adapter for eight track machines |
US4926480A (en) | 1983-08-22 | 1990-05-15 | David Chaum | Card-computer moderated systems |
GB2146814A (en) | 1983-09-17 | 1985-04-24 | Ibm | Electronic fund transfer systems |
EP0247623A3 (en) | 1984-03-19 | 1989-09-20 | Omron Tateisi Electronics Co. | Ic card transaction system |
DE3417766A1 (en) | 1984-05-12 | 1985-11-14 | Betriebswirtschaftliches Institut der Deutschen Kreditgenossenschaften BIK GmbH, 6000 Frankfurt | WORKING METHOD AND DEVICE FOR ELECTRONICALLY AUTHORIZED DETECTING A MATTER |
US4918631A (en) | 1984-09-07 | 1990-04-17 | Casio Computer Co., Ltd. | Compact type electronic information card |
US4614861A (en) | 1984-11-15 | 1986-09-30 | Intellicard International, Inc. | Unitary, self-contained card verification and validation system and method |
US5168520A (en) | 1984-11-30 | 1992-12-01 | Security Dynamics Technologies, Inc. | Method and apparatus for personal identification |
US4679236A (en) | 1984-12-21 | 1987-07-07 | Davies Richard E | Identification verification method and system |
US4634845A (en) | 1984-12-24 | 1987-01-06 | Ncr Corporation | Portable personal terminal for use in a system for handling transactions |
US4689478A (en) | 1984-12-24 | 1987-08-25 | Ncr Corporation | System for handling transactions including a portable personal terminal |
FR2575566B1 (en) | 1984-12-28 | 1990-06-22 | Bull Sa | METHOD FOR CUSTOMIZING PORTABLE MEDIA SUCH AS CARDS |
US4650978A (en) | 1985-01-23 | 1987-03-17 | Rmh Systems, Inc. | Off line cash card system and method |
US4701601A (en) | 1985-04-26 | 1987-10-20 | Visa International Service Association | Transaction card with magnetic stripe emulator |
US4707594A (en) | 1985-06-27 | 1987-11-17 | Intellicard International, Inc. | Unitary, self-contained consumer transaction card |
JPH083821B2 (en) | 1985-07-12 | 1996-01-17 | カシオ計算機株式会社 | IC card system |
JPH0615273B2 (en) * | 1986-01-20 | 1994-03-02 | 株式会社アイテイテイキャノン | IC card |
US4837822A (en) | 1986-04-08 | 1989-06-06 | Schlage Lock Company | Cryptographic based electronic lock system and method of operation |
US4791283A (en) | 1986-06-03 | 1988-12-13 | Intellicard International, Inc. | Transaction card magnetic stripe emulator |
USD298317S (en) * | 1986-06-20 | 1988-11-01 | Oki Electric Industry Co., Ltd. | Mobile handset telephone and stand therefor with integral speakerphone and magnetic card reader |
JPS6354294A (en) * | 1986-08-25 | 1988-03-08 | 株式会社日立製作所 | Information medium and information protective method using said medium |
JPS63231692A (en) | 1987-03-20 | 1988-09-27 | Mitsubishi Electric Corp | Secret code writer |
JPS63253493A (en) | 1987-04-09 | 1988-10-20 | Mitsubishi Electric Corp | Information recording system |
US4868376A (en) | 1987-05-15 | 1989-09-19 | Smartcard International Inc. | Intelligent portable interactive personal data system |
JPH0195362A (en) * | 1987-10-07 | 1989-04-13 | Omron Tateisi Electron Co | Debit-cum-credit terminal |
FR2625000B1 (en) | 1987-12-22 | 1991-08-16 | Sgs Thomson Microelectronics | CHIP CARD STRUCTURE |
JPH02148374A (en) | 1988-11-30 | 1990-06-07 | Tokyo Electric Co Ltd | Information storing and displaying card |
US5220501A (en) | 1989-12-08 | 1993-06-15 | Online Resources, Ltd. | Method and system for remote delivery of retail banking services |
US5130519A (en) | 1990-01-16 | 1992-07-14 | George Bush | Portable pin card |
US5192947A (en) | 1990-02-02 | 1993-03-09 | Simon Neustein | Credit card pager apparatus |
JP3031971B2 (en) * | 1990-07-31 | 2000-04-10 | 株式会社東芝 | Terminal device of product sales system |
FR2669267B1 (en) | 1990-11-16 | 1993-01-22 | Supermag | PERSONALIZATION MACHINE FOR CHIP CARDS. |
FR2673476B1 (en) | 1991-01-18 | 1996-04-12 | Gemplus Card Int | SECURE METHOD FOR LOADING MULTIPLE APPLICATIONS INTO A MICROPROCESSOR MEMORY CARD. |
GB9105851D0 (en) | 1991-03-20 | 1991-05-08 | Security Systems Consortium Th | Securing financial transactions |
FR2676294B1 (en) | 1991-05-06 | 1993-07-16 | Gemplus Card Int | LOCKING METHOD FOR MEMORY CARD. |
JPH0540864A (en) | 1991-08-06 | 1993-02-19 | Matsushita Electric Ind Co Ltd | Ic card |
US5426281A (en) * | 1991-08-22 | 1995-06-20 | Abecassis; Max | Transaction protection system |
US5440108A (en) | 1991-10-11 | 1995-08-08 | Verifone, Inc. | System and method for dispensing and revalung cash cards |
US5453601A (en) | 1991-11-15 | 1995-09-26 | Citibank, N.A. | Electronic-monetary system |
US5557518A (en) | 1994-04-28 | 1996-09-17 | Citibank, N.A. | Trusted agents for open electronic commerce |
US5585787A (en) | 1991-12-09 | 1996-12-17 | Wallerstein; Robert S. | Programmable credit card |
US5955961A (en) | 1991-12-09 | 1999-09-21 | Wallerstein; Robert S. | Programmable transaction card |
FR2686172B1 (en) | 1992-01-14 | 1996-09-06 | Gemplus Card Int | PLUG - IN CARD FOR A MICROCOMPUTER FORMING A CARD READER WITH FLUSHED CONTACTS. |
US5280527A (en) * | 1992-04-14 | 1994-01-18 | Kamahira Safe Co., Inc. | Biometric token for authorizing access to a host system |
US5365221A (en) * | 1992-10-19 | 1994-11-15 | Motorola, Inc. | Computer card having low battery indicator |
AU5364794A (en) * | 1992-10-22 | 1994-05-09 | American Express Travel Related Services Company, Inc. | Automated billing consolidation system and method |
WO1994010649A1 (en) * | 1992-10-30 | 1994-05-11 | Microbilt Corporation | Multi-reader transaction terminal |
US5267314A (en) | 1992-11-17 | 1993-11-30 | Leon Stambler | Secure transaction system and method utilized therein |
US5317636A (en) | 1992-12-09 | 1994-05-31 | Arris, Inc. | Method and apparatus for securing credit card transactions |
US5371797A (en) | 1993-01-19 | 1994-12-06 | Bellsouth Corporation | Secure electronic funds transfer from telephone or unsecured terminal |
US5373558A (en) | 1993-05-25 | 1994-12-13 | Chaum; David | Desinated-confirmer signature systems |
US5568121A (en) | 1993-05-27 | 1996-10-22 | Lamensdorf; David M. | Wireless system for sensing information at remote locations and communicating with a main monitoring center |
CN1096648C (en) | 1993-06-02 | 2002-12-18 | 惠普公司 | System and method for revaluation of stored tokens in IC cards |
US5412192A (en) | 1993-07-20 | 1995-05-02 | American Express Company | Radio frequency activated charge card |
US5538442A (en) | 1993-10-04 | 1996-07-23 | Murata Mfg. Co., Ltd. | Communication card |
USRE36365E (en) | 1993-10-25 | 1999-11-02 | Visa International Service Association | Method and apparatus for distributing currency |
US5465206B1 (en) * | 1993-11-01 | 1998-04-21 | Visa Int Service Ass | Electronic bill pay system |
US5578808A (en) | 1993-12-22 | 1996-11-26 | Datamark Services, Inc. | Data card that can be used for transactions involving separate card issuers |
US5526428A (en) | 1993-12-29 | 1996-06-11 | International Business Machines Corporation | Access control apparatus and method |
US5434919A (en) | 1994-01-11 | 1995-07-18 | Chaum; David | Compact endorsement signature systems |
US5623552A (en) | 1994-01-21 | 1997-04-22 | Cardguard International, Inc. | Self-authenticating identification card with fingerprint identification |
US5434398A (en) | 1994-02-22 | 1995-07-18 | Haim Labenski | Magnetic smartcard |
US5497411A (en) | 1994-03-14 | 1996-03-05 | Pellerin; Joseph C. E. | Telecommunications card-access system |
US6925439B1 (en) * | 1994-06-20 | 2005-08-02 | C-Sam, Inc. | Device, system and methods of conducting paperless transactions |
US5590038A (en) | 1994-06-20 | 1996-12-31 | Pitroda; Satyan G. | Universal electronic transaction card including receipt storage and system and methods of conducting electronic transactions |
US5627355A (en) | 1994-07-13 | 1997-05-06 | Rahman; Sam | Transaction device, equipment and method for protecting account numbers and their associated personal identification numbers |
US5583933A (en) | 1994-08-05 | 1996-12-10 | Mark; Andrew R. | Method and apparatus for the secure communication of data |
GB9416595D0 (en) | 1994-08-17 | 1994-10-12 | British Telecomm | User authentication in a communications network |
DE69533328T2 (en) | 1994-08-30 | 2005-02-10 | Kokusai Denshin Denwa Co., Ltd. | VERIFICATION DEVICE |
US5834747A (en) | 1994-11-04 | 1998-11-10 | Pixel Instruments | Universal credit card apparatus and method |
US5754652A (en) | 1994-12-14 | 1998-05-19 | Lucent Technologies Inc. | Method and apparatus for secure pin entry |
US5689247A (en) | 1994-12-30 | 1997-11-18 | Ortho Pharmaceutical Corporation | Automated system for identifying authorized system users |
GB2297011B (en) | 1995-01-13 | 1999-03-10 | Telsis Holdings Ltd | Secure access telephony server systems |
US6236391B1 (en) | 1995-01-24 | 2001-05-22 | Elo Touchsystems, Inc. | Acoustic touch position sensor using a low acoustic loss transparent substrate |
JPH08214281A (en) * | 1995-02-06 | 1996-08-20 | Sony Corp | Charging method and system |
FR2730576B1 (en) | 1995-02-15 | 1997-04-04 | Gemplus Card Int | METHOD FOR MANUFACTURING ELECTRONIC CARDS AND CARDS OBTAINED BY SUCH A PROCESS |
US6089451A (en) | 1995-02-17 | 2000-07-18 | Krause; Arthur A. | Systems for authenticating the use of transaction cards having a magnetic stripe |
US6012634A (en) | 1995-03-06 | 2000-01-11 | Motorola, Inc. | Dual card and method therefor |
US5818030A (en) | 1995-03-07 | 1998-10-06 | Reyes; Rene A. | Credit card system with key module |
US5590197A (en) * | 1995-04-04 | 1996-12-31 | V-One Corporation | Electronic payment system and method |
US5708422A (en) * | 1995-05-31 | 1998-01-13 | At&T | Transaction authorization and alert system |
US5655008A (en) | 1995-06-07 | 1997-08-05 | Dart, Inc. | System and method for performing a variety of transactions having distributed decision-making capability |
US5790677A (en) | 1995-06-29 | 1998-08-04 | Microsoft Corporation | System and method for secure electronic commerce transactions |
US5754653A (en) | 1995-07-26 | 1998-05-19 | Canfield; Henry A. | Coding formula for verifying checks and credit cards |
JPH0950465A (en) | 1995-08-04 | 1997-02-18 | Hitachi Ltd | Electronic shopping method, electronic shopping system and document authentication method |
US5671280A (en) | 1995-08-30 | 1997-09-23 | Citibank, N.A. | System and method for commercial payments using trusted agents |
US5663553A (en) | 1995-09-27 | 1997-09-02 | Intel Corporation | Mass storage device adapter for smart cards |
NL1001863C2 (en) | 1995-12-08 | 1997-06-10 | Nederland Ptt | Method for securely writing down an electronic payment method, as well as payment method for implementing the method. |
US6003763A (en) | 1995-12-29 | 1999-12-21 | Visa International Service | Method and apparatus for recording magnetic information on traveler's checks |
US5850442A (en) | 1996-03-26 | 1998-12-15 | Entegrity Solutions Corporation | Secure world wide electronic commerce over an open network |
US5915226A (en) | 1996-04-19 | 1999-06-22 | Gemplus Card International | Prepaid smart card in a GSM based wireless telephone network and method for operating prepaid cards |
FR2748152B1 (en) | 1996-04-30 | 1998-08-07 | Gemplus Card Int | LOW THICKNESS INTEGRATED CIRCUIT BOARD HAVING IMPROVED MANUALLY OPERATED SWITCH |
US6075861A (en) | 1996-05-29 | 2000-06-13 | At&T Corp. | Security access system |
US5834756A (en) | 1996-06-03 | 1998-11-10 | Motorola, Inc. | Magnetically communicative card |
US6072870A (en) | 1996-06-17 | 2000-06-06 | Verifone Inc. | System, method and article of manufacture for a gateway payment architecture utilizing a multichannel, extensible, flexible architecture |
US5831862A (en) | 1996-08-05 | 1998-11-03 | Mars, Incorporated | Automatic transaction system with a dynamic display and methods of its operation |
US5913203A (en) | 1996-10-03 | 1999-06-15 | Jaesent Inc. | System and method for pseudo cash transactions |
US6029150A (en) | 1996-10-04 | 2000-02-22 | Certco, Llc | Payment and transactions in electronic commerce system |
US5953710A (en) | 1996-10-09 | 1999-09-14 | Fleming; Stephen S. | Children's credit or debit card system |
US5905246A (en) | 1996-10-31 | 1999-05-18 | Fajkowski; Peter W. | Method and apparatus for coupon management and redemption |
US5844497A (en) | 1996-11-07 | 1998-12-01 | Litronic, Inc. | Apparatus and method for providing an authentication system |
US5932869A (en) | 1996-12-27 | 1999-08-03 | Graphic Technology, Inc. | Promotional system with magnetic stripe and visual thermo-reversible print surfaced medium |
US5988510A (en) | 1997-02-13 | 1999-11-23 | Micron Communications, Inc. | Tamper resistant smart card and method of protecting data in a smart card |
IL120672A (en) | 1997-04-15 | 2000-06-29 | Nush Marketing Man And Consult | System for transaction over communication network |
US6012636A (en) | 1997-04-22 | 2000-01-11 | Smith; Frank E. | Multiple card data system having first and second memory elements including magnetic strip and fingerprints scanning means |
US6111953A (en) | 1997-05-21 | 2000-08-29 | Walker Digital, Llc | Method and apparatus for authenticating a document |
US6078888A (en) | 1997-07-16 | 2000-06-20 | Gilbarco Inc. | Cryptography security for remote dispenser transactions |
AU8596098A (en) | 1997-07-25 | 1999-02-16 | Main Street Marketing | Automated credit card payment system |
US6003014A (en) | 1997-08-22 | 1999-12-14 | Visa International Service Association | Method and apparatus for acquiring access using a smart card |
US6163771A (en) * | 1997-08-28 | 2000-12-19 | Walker Digital, Llc | Method and device for generating a single-use financial account number |
US7177835B1 (en) * | 1997-08-28 | 2007-02-13 | Walker Digital, Llc | Method and device for generating a single-use financial account number |
US5883810A (en) | 1997-09-24 | 1999-03-16 | Microsoft Corporation | Electronic online commerce card with transactionproxy number for online transactions |
US6000832A (en) | 1997-09-24 | 1999-12-14 | Microsoft Corporation | Electronic online commerce card with customer generated transaction proxy number for online transactions |
US6047268A (en) | 1997-11-04 | 2000-04-04 | A.T.&T. Corporation | Method and apparatus for billing for transactions conducted over the internet |
US6050493A (en) | 1997-12-01 | 2000-04-18 | American Floral Company, Llc | Pre-paid flower or gift card |
EP0921487A3 (en) | 1997-12-08 | 2000-07-26 | Nippon Telegraph and Telephone Corporation | Method and system for billing on the internet |
US6188309B1 (en) | 1998-01-07 | 2001-02-13 | At&T Corp | Method and apparatus for minimizing credit card fraud |
US6101477A (en) | 1998-01-23 | 2000-08-08 | American Express Travel Related Services Company, Inc. | Methods and apparatus for a travel-related multi-function smartcard |
US6098053A (en) | 1998-01-28 | 2000-08-01 | Citibank, N.A. | System and method for performing an electronic financial transaction |
US5943241A (en) | 1998-03-13 | 1999-08-24 | Interlott Technologies, Inc. | Item dispensing system |
US6636833B1 (en) | 1998-03-25 | 2003-10-21 | Obis Patents Ltd. | Credit card system and method |
US6422462B1 (en) * | 1998-03-30 | 2002-07-23 | Morris E. Cohen | Apparatus and methods for improved credit cards and credit card transactions |
US6315195B1 (en) * | 1998-04-17 | 2001-11-13 | Diebold, Incorporated | Transaction apparatus and method |
US6068184A (en) | 1998-04-27 | 2000-05-30 | Barnett; Donald A. | Security card and system for use thereof |
US6199762B1 (en) | 1998-05-06 | 2001-03-13 | American Express Travel Related Services Co., Inc. | Methods and apparatus for dynamic smartcard synchronization and personalization |
US6029890A (en) | 1998-06-22 | 2000-02-29 | Austin; Frank | User-Specified credit card system |
IL125826A (en) | 1998-08-17 | 2001-05-20 | Ur Jonathan Shem | Method for preventing unauthorized use of credit cards in remote payments and an optional supplemental-code card for use therein |
US6182894B1 (en) | 1998-10-28 | 2001-02-06 | American Express Travel Related Services Company, Inc. | Systems and methods for authorizing a transaction card |
US7236950B2 (en) * | 1998-10-29 | 2007-06-26 | Universal Card Services Corp. | Method and system of combined billing of multiple accounts on a single statement |
FR2786013B1 (en) | 1998-11-12 | 2001-01-19 | Gemplus Card Int | AUTHENTICATION METHOD BETWEEN A MEMORY CARD AND A TERMINAL |
US6032134A (en) | 1998-11-18 | 2000-02-29 | Weissman; Steven I. | Credit card billing system for identifying expenditures on a credit card account |
US6257486B1 (en) | 1998-11-23 | 2001-07-10 | Cardis Research & Development Ltd. | Smart card pin system, card, and reader |
US6339766B1 (en) | 1998-12-02 | 2002-01-15 | Transactionsecure | Electronic payment system employing limited-use account number |
US6327578B1 (en) | 1998-12-29 | 2001-12-04 | International Business Machines Corporation | Four-party credit/debit payment protocol |
JP2000322486A (en) | 1999-02-12 | 2000-11-24 | Citibank Na | Method and system for fulfilling bank card transaction |
ES2191608T3 (en) | 1999-02-18 | 2003-09-16 | Orbis Patents Ltd | SYSTEM AND METHOD OF CREDIT CARD. |
GB9904791D0 (en) | 1999-03-02 | 1999-04-28 | Smartport Limited | An internet interface system |
AU762165B2 (en) | 1999-03-11 | 2003-06-19 | Sora Applications Llc | Methods and apparatus for authenticating the download of information onto a smart card |
US6230977B1 (en) | 1999-03-18 | 2001-05-15 | Axiohm Transaction Solutions, Inc. | Apparatus for processing warped, bowed and bent credit cards |
US20040083184A1 (en) * | 1999-04-19 | 2004-04-29 | First Data Corporation | Anonymous card transactions |
US6227447B1 (en) | 1999-05-10 | 2001-05-08 | First Usa Bank, Na | Cardless payment system |
US6938022B1 (en) * | 1999-06-12 | 2005-08-30 | Tara C. Singhal | Method and apparatus for facilitating an anonymous information system and anonymous service transactions |
WO2001008066A1 (en) * | 1999-07-26 | 2001-02-01 | Iprivacy Llc | Electronic purchase of goods over a communication network including physical delivery while securing private and personal information |
US6224109B1 (en) | 1999-08-07 | 2001-05-01 | James Yung Chien Yang | Credit card with driver's license or identification |
USD436620S1 (en) | 1999-09-01 | 2001-01-23 | American Express Travel Related Services Company, Inc. | Transparent card with a machine readable stripe, IC chip and ornamental rectangle |
US6213403B1 (en) | 1999-09-10 | 2001-04-10 | Itt Manufacturing Enterprises, Inc. | IC card with fingerprint sensor |
US6394343B1 (en) | 1999-10-14 | 2002-05-28 | Jon N. Berg | System for card to card transfer of monetary values |
US6332134B1 (en) | 1999-11-01 | 2001-12-18 | Chuck Foster | Financial transaction system |
US20020070279A1 (en) | 1999-12-21 | 2002-06-13 | Zausner Alan J. | Methods and apparatus for illuminating a transaction card |
WO2001050429A1 (en) | 2000-01-05 | 2001-07-12 | American Express Travel Related Services Company, Inc. | Smartcard internet authorization system |
US6742704B2 (en) | 2000-01-21 | 2004-06-01 | American Express Travel Related Services Company, Inc. | Multiple-service card system |
US6847953B2 (en) | 2000-02-04 | 2005-01-25 | Kuo James Shaw-Han | Process and method for secure online transactions with calculated risk and against fraud |
US6457640B2 (en) * | 2000-02-05 | 2002-10-01 | Diebold, Incorporated | System and method for dispensing digital information from an automated transaction machine |
US7003501B2 (en) * | 2000-02-11 | 2006-02-21 | Maurice Ostroff | Method for preventing fraudulent use of credit cards and credit card information, and for preventing unauthorized access to restricted physical and virtual sites |
US20060190412A1 (en) * | 2000-02-11 | 2006-08-24 | Maurice Ostroff | Method and system for preventing fraudulent use of credit cards and credit card information, and for preventing unauthorized access to restricted physical and virtual sites |
AUPQ564400A0 (en) * | 2000-02-16 | 2000-03-09 | Ong, Yong Kin (Michael) | Electronic credit card-ecc |
US6834270B1 (en) | 2000-02-28 | 2004-12-21 | Carlo Pagani | Secured financial transaction system using single use codes |
WO2001067355A2 (en) | 2000-03-07 | 2001-09-13 | American Express Travel Related Services Company, Inc. | System for facilitating a transaction |
WO2001069556A2 (en) | 2000-03-15 | 2001-09-20 | Mastercard International Incorporated | Method and system for secure payments over a computer network |
FR2806858B1 (en) | 2000-03-22 | 2002-05-03 | France Telecom | CRYPTOGRAPHIC PROTECTION AGAINST FRAUD |
US7379919B2 (en) | 2000-04-11 | 2008-05-27 | Mastercard International Incorporated | Method and system for conducting secure payments over a computer network |
CA2406375C (en) | 2000-04-11 | 2017-05-09 | Mastercard International Incorporated | An improved method and system for conducting secure payments over a computer network |
US7177848B2 (en) | 2000-04-11 | 2007-02-13 | Mastercard International Incorporated | Method and system for conducting secure payments over a computer network without a pseudo or proxy account number |
US6990470B2 (en) | 2000-04-11 | 2006-01-24 | Mastercard International Incorporated | Method and system for conducting secure payments over a computer network |
US20010047335A1 (en) * | 2000-04-28 | 2001-11-29 | Martin Arndt | Secure payment method and apparatus |
US6609654B1 (en) * | 2000-05-15 | 2003-08-26 | Privasys, Inc. | Method for allowing a user to customize use of a payment card that generates a different payment card number for multiple transactions |
US6592044B1 (en) * | 2000-05-15 | 2003-07-15 | Jacob Y. Wong | Anonymous electronic card for generating personal coupons useful in commercial and security transactions |
US6755341B1 (en) * | 2000-05-15 | 2004-06-29 | Jacob Y. Wong | Method for storing data in payment card transaction |
US6990586B1 (en) * | 2000-06-02 | 2006-01-24 | International Business Machines Corp. | Secure data transmission from unsecured input environments |
US7058611B2 (en) | 2000-07-10 | 2006-06-06 | Mastercard International Incorporated | Method and system for conducting secure electronic commerce transactions with authorization request data loop-back |
DE10038287A1 (en) | 2000-08-05 | 2002-02-21 | Itt Mfg Enterprises Inc | Plug-in card for electronic devices |
AU2002227104A1 (en) * | 2000-10-24 | 2002-05-21 | Clickshare Service Corp. | Completely anonymous purchasing of goods on a computer network |
US20020083010A1 (en) | 2000-12-11 | 2002-06-27 | Namsuk Kim | Electronic identification system |
US20020096570A1 (en) * | 2001-01-25 | 2002-07-25 | Wong Jacob Y. | Card with a dynamic embossing apparatus |
US6915279B2 (en) | 2001-03-09 | 2005-07-05 | Mastercard International Incorporated | System and method for conducting secure payment transactions |
US7181017B1 (en) * | 2001-03-23 | 2007-02-20 | David Felsher | System and method for secure three-party communications |
US7225156B2 (en) * | 2001-07-11 | 2007-05-29 | Fisher Douglas C | Persistent dynamic payment service |
WO2003014867A2 (en) * | 2001-08-03 | 2003-02-20 | John Allen Ananian | Personalized interactive digital catalog profiling |
US6607127B2 (en) * | 2001-09-18 | 2003-08-19 | Jacob Y. Wong | Magnetic stripe bridge |
TW594271B (en) * | 2003-09-23 | 2004-06-21 | Optimax Tech Corp | Polarization plate capable of increasing LCD contrast of large viewing angle |
US7793851B2 (en) * | 2005-05-09 | 2010-09-14 | Dynamics Inc. | Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card |
-
2001
- 2001-09-21 US US09/960,714 patent/US6805288B2/en not_active Expired - Lifetime
-
2004
- 2004-10-18 US US10/968,399 patent/US8191772B2/en not_active Expired - Fee Related
- 2004-10-18 US US10/968,401 patent/US20050086177A1/en not_active Abandoned
- 2004-10-18 US US10/968,402 patent/US7693798B2/en not_active Expired - Fee Related
- 2004-10-18 US US10/968,398 patent/US7748616B2/en not_active Expired - Fee Related
-
2012
- 2012-04-03 US US13/438,710 patent/US8690055B2/en not_active Expired - Fee Related
- 2012-06-20 US US13/528,062 patent/US20120317037A1/en not_active Abandoned
- 2012-06-21 US US13/529,713 patent/US20120265689A1/en not_active Abandoned
-
2014
- 2014-02-24 US US14/188,491 patent/US20140231527A1/en not_active Abandoned
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050086177A1 (en) * | 2000-05-15 | 2005-04-21 | Anderson Roy L. | Method for customizing payment card transactions at the time of the transactions |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130248594A1 (en) * | 2012-03-21 | 2013-09-26 | Sunit SOOM | Multi-function, interactive payment card |
US20170316479A1 (en) * | 2016-04-29 | 2017-11-02 | Bank Of America Corporation | System for user authentication based on linking a randomly generated number to the user and a physical item |
US10460367B2 (en) * | 2016-04-29 | 2019-10-29 | Bank Of America Corporation | System for user authentication based on linking a randomly generated number to the user and a physical item |
US10268635B2 (en) | 2016-06-17 | 2019-04-23 | Bank Of America Corporation | System for data rotation through tokenization |
Also Published As
Publication number | Publication date |
---|---|
US20050082362A1 (en) | 2005-04-21 |
US20050080747A1 (en) | 2005-04-14 |
US6805288B2 (en) | 2004-10-19 |
US8191772B2 (en) | 2012-06-05 |
US20030034388A1 (en) | 2003-02-20 |
US7693798B2 (en) | 2010-04-06 |
US8690055B2 (en) | 2014-04-08 |
US20050086177A1 (en) | 2005-04-21 |
US20140231527A1 (en) | 2014-08-21 |
US7748616B2 (en) | 2010-07-06 |
US20120205443A1 (en) | 2012-08-16 |
US20050086160A1 (en) | 2005-04-21 |
US20120317037A1 (en) | 2012-12-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8690055B2 (en) | Electronic card | |
US6592044B1 (en) | Anonymous electronic card for generating personal coupons useful in commercial and security transactions | |
US7559464B2 (en) | Method for generating customer secure card numbers | |
US6609654B1 (en) | Method for allowing a user to customize use of a payment card that generates a different payment card number for multiple transactions | |
US9679290B2 (en) | Personal token read system and method | |
US9830598B2 (en) | Magnetic emissive use of preloaded payment card account numbers | |
WO2001088659A9 (en) | Electronic cards capable of being read by a magnetic stripe reader and methods for their use | |
US8201747B2 (en) | Auto-sequencing financial payment display card | |
US8712892B2 (en) | Verification of a portable consumer device in an offline environment | |
US7089214B2 (en) | Method for utilizing a portable electronic authorization device to approve transactions between a user and an electronic transaction system | |
US7690580B2 (en) | Transaction cards having dynamically reconfigurable data interface and methods for using same | |
US20070262138A1 (en) | Dynamic encryption of payment card numbers in electronic payment transactions | |
US20020198848A1 (en) | Transaction verification system and method | |
US20050091152A1 (en) | Method and System for Approving Card Transactions | |
Radu | Implementing electronic card payment systems | |
US20090140044A1 (en) | Secure cards and methods | |
Read | EFTPOS: electronic funds transfer at point of sale | |
Caelli et al. | Financial and Banking Networks | |
Pluktadachai | Evolution of the electronic purse: case studies of Thailand and Hong Kong |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |