US20210110702A1 - Silent alarms for economic duress - Google Patents

Silent alarms for economic duress Download PDF

Info

Publication number
US20210110702A1
US20210110702A1 US16/598,331 US201916598331A US2021110702A1 US 20210110702 A1 US20210110702 A1 US 20210110702A1 US 201916598331 A US201916598331 A US 201916598331A US 2021110702 A1 US2021110702 A1 US 2021110702A1
Authority
US
United States
Prior art keywords
customer
trouble
card
request
evaluation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
US16/598,331
Other versions
US10991231B1 (en
Inventor
Maria Carolina Barraza Enciso
Katherine Dintenfass
Elena Kvochko
Monika Kapur
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bank of America Corp
Original Assignee
Bank of America Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bank of America Corp filed Critical Bank of America Corp
Priority to US16/598,331 priority Critical patent/US10991231B1/en
Assigned to BANK OF AMERICA CORPORATION reassignment BANK OF AMERICA CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: DINTENFASS, KATHERINE, BARRAZA ENCISO, MARIA CAROLINA, KVOCHKO, ELENA, KAPUR, MONIKA
Publication of US20210110702A1 publication Critical patent/US20210110702A1/en
Application granted granted Critical
Publication of US10991231B1 publication Critical patent/US10991231B1/en
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G08SIGNALLING
    • G08BSIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
    • G08B25/00Alarm systems in which the location of the alarm condition is signalled to a central station, e.g. fire or police telegraphic systems
    • G08B25/01Alarm systems in which the location of the alarm condition is signalled to a central station, e.g. fire or police telegraphic systems characterised by the transmission medium
    • G08B25/016Personal emergency signalling and security systems
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4016Transaction verification involving fraud or risk level assessment in transaction processing
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • G07F19/207Surveillance aspects at ATMs
    • GPHYSICS
    • G08SIGNALLING
    • G08BSIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
    • G08B13/00Burglar, theft or intruder alarms
    • G08B13/02Mechanical actuation
    • G08B13/10Mechanical actuation by pressure on floors, floor coverings, stair treads, counters, or tills
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud

Definitions

  • Access to products and services typically requires the performance of institutional evaluation on the part of a vendor.
  • the evaluation includes verifying the identity of an individual who requests the products or services.
  • the evaluation may also include verification of the individual's resources. Individuals may misrepresent value of the resources in connection with the request. Individuals may purport to be, or to make such a request on behalf of, a second individual who is better positioned to prove possession of assets than is the first individual.
  • Electronic commerce and communication infrastructure have provided inexpensive and easily accessible opportunities to request products and services, and have made obtaining proof of the resources, and providing them to the vendor, easy. However, electronic commerce and communication infrastructure have made it easier for individuals to make misrepresentations about their resources and about their authority to act on behalf of others, or to pose as others. Intervention in the improper activities of such individuals benefits from proper timing to avoid injury to those being exploited.
  • FIG. 1 shows illustrative apparatus that may be used in accordance with principles of the invention.
  • FIG. 2 shows illustrative apparatus that may be used in accordance with principles of the invention.
  • FIG. 3 shows illustrative apparatus in accordance with principles of the invention.
  • FIG. 4 shows illustrative apparatus in accordance with principles of the invention.
  • FIG. 5 shows illustrative apparatus in accordance with principles of the invention.
  • FIG. 6 shows illustrative apparatus in accordance with principles of the invention.
  • FIG. 7 shows illustrative apparatus in accordance with principles of the invention.
  • FIG. 8 shows illustrative apparatus in accordance with principles of the invention.
  • FIG. 9 shows illustrative apparatus in accordance with principles of the invention.
  • FIG. 10 shows illustrative apparatus in accordance with principles of the invention, in a partial cross-sectional view that corresponds to that taken along lines 10 - 10 in FIG. 9 .
  • FIG. 11 shows illustrative steps of processes in accordance with principles of the invention.
  • FIG. 12 shows illustrative steps of processes in accordance with principles of the invention.
  • FIG. 13 shows illustrative steps of processes in accordance with principles of the invention.
  • FIG. 14 shows illustrative steps of processes in accordance with principles of the invention.
  • “Economic exploitation” encompasses a spectrum of societal ills in which a legitimate consumer, the consumer's assets, credit, reputation, and the like, usually legitimately earned and cultivated, are used by a predator to gain access to goods and services to which the predator has no intrinsic ownership or control, or no legal rights to access or encumber.
  • This may include a domestic violence situation, for example.
  • the customer may need to alert a vendor of the goods and services that if the customer's my social security number is used in a request for the goods and services, the vendor should automatically reject the request. This may prevent the customer from unwillingly or unwittingly being burdened with liability—for example a loan, or a series of loans.
  • the alert may be communicated to law enforcement, who may participate in analysis of the exploitation, and, if appropriate, intervention.
  • a woman and man come to the vendor together for loan application.
  • the apparatus and methods may permit the couple to to go through the process, but the loan may be denied loan without any additional checks or controls, and certainly before opening the loan account.
  • Vendor personnel may pretend that the couple can pursue the loan through the evaluation process.
  • the vendor may refrain from triggering any additional questions of the couple. This may prevent the triggering of additional violence.
  • the vendor would annotate the vendor's records to indicate that the woman was in a domestic violence situation.
  • the record may be used in evaluation of a subsequent loan application by the customer to show a pattern of exploitation, and, in the subsequent application, increase scrutiny for possible exploitation, and perhaps intensify or accelerate intervention.
  • the customer may use a transaction instrument such as an information card, a mobile communication device, a cell phone, or the like to alert the vendor of an issue.
  • a transaction instrument such as an information card, a mobile communication device, a cell phone, or the like to alert the vendor of an issue.
  • a request form such as an application
  • the download of a request form could itself be a trigger to alert the vendor.
  • a predetermined data element such as a social security number
  • submits the form the submission of that specific data element could then trigger the communication of the alert to the vendor, an intervention party, or both.
  • the apparatus and methods may provide a new paradigm for security—open an account only after possible triggering of an exploitation alert, and do so silently—without explanation that might provoke aggression of the predator against the customer.
  • the apparatus and methods may include providing an opportunity for the customer to opt-in to an alerting system.
  • the system may electronically query the customer after an alarm is triggered.
  • the customer may click a button on a mobile device.
  • the click may indicate, “Yes, I need help,” or, “No, this is OK.”
  • the button may include a biometrically-based signal. This may prevent the predator for impersonating the customer to opt out or circumvent the alert system.
  • the apparatus and methods may include a platform for tagging a social security number and/or other suitable identification number.
  • the system may preventively allow a person associated with a social security number to automatically flag and deny any product or service request associated with the social security number.
  • the denial may be permanent, temporary, or for a predetermined period of time. The denial may be conditioned upon further evaluation during the evaluation process. The period of time may be conditioned upon further evaluation during the evaluation process.
  • Detection of the customer's entry of the customer's social security number in the request may trigger an alert on the mobile device of the person.
  • the alert may request additional information.
  • the alert may notify the person about the request.
  • the platform may initiate a security check prior to initiation of an evaluation process upon which the provision of the product or service is conditioned.
  • the platform may send the social security number to an intervention party.
  • the platform may send the social security number to an investigative party to evaluate facts related to possible coercion.
  • the investigative party may be part of the institution providing the product or services.
  • the investigative party may be a third party.
  • the investigative party may be part of a law enforcement agency.
  • the investigative party may electronically search records, including police records that may name the person or an associate of the person purporting to act on behalf of the person. The fact of multiple attempts to obtain the product or services using the person's social security may be used to trigger transmission of a notice to a law enforcement agency.
  • Evaluation may include any process in which an offeror of the product or service receives information a customer, prospective customer, applicant, inquirer or other individual in contemplation of providing to the individual the product or services. Evaluation may include a diligence process, an analytical process, a background check process, an asset assessment process, a liability assessment process, or any other suitable process.
  • the platform may direct that the person biometrically authenticate the person's identity. The platform may direct that the person physically appear to participate in the evaluation process.
  • Predators have different modi operandi. Some impersonate the customer online. Some impersonate the customer by telephone. Some predators request of the vendor a new service such as a credit card, a loan, a mortgage, and the like. Some predators request a cash advance. Some predators request use the customer's credit account to make transactions until a credit limit is reached. Some predators request a second mortgage using the customer's asset as collateral. Some predators use physical or psychological force on the customer.
  • the apparatus and methods may include native-feature, card-reader-based, customer-triggered silent alarms for alerting an institution that an interaction between a customer, or a customer's associate purporting to act on behalf of the customer, is being carried out under duress or coercion.
  • the reader may provide the customer with an opportunity to activate the alarm by typing keystrokes into the reader.
  • the keystrokes may be preselected by the customer.
  • the keystrokes may be displayed by the reader display.
  • the keystrokes may be a sequence related to the customer's PIN.
  • the silent alarm is “silent,” in that the alarm may be configured to initiate an institution internal process in which the customer interaction with the institution follows a normal trajectory until an intervention can be effectively executed on behalf of the customer. This reduces the likelihood of a reaction from the customer's associate prior to completion of the interaction.
  • the apparatus and methods may include a custom card-reader-based, customer-triggered silent alarm for alerting the institution that the interaction is being carried out under duress or coercion.
  • the reader may provide the customer with an opportunity to activate the alarm by instructing the customer to interact with a physical sensor on the reader.
  • the apparatus and methods may include a custom on-card, customer-triggered silent alarm for alerting the institution that a transaction or application is being carried out under duress or coercion.
  • the reader may provide the customer with an opportunity to activate the alarm by instructing the customer to interact with a circuit on the information card.
  • the circuit may include a contact on the card chip or an auxiliary circuit built into the card.
  • the circuit may be disposed on the card in a location that is exposed outside the reader when the card is fully inserted into the reader.
  • the circuit may include a sensor that is downward-facing so that the customer can activate the alarm without detection by an onlooker, such as the associate.
  • the apparatus and methods may include methods for controlling flow of a product between a customer and a vendor.
  • “Product” may include “service.”
  • the methods may include electronically granting a first permission, for interacting with a customer, to first institutional representatives.
  • the methods may include electronically granting a second permission, excluding interacting with the customer, to second institutional representatives.
  • the methods may include receiving from a party a request for a product. Table 1, below, lists illustrative products.
  • the request may name a customer.
  • the request may identify the customer with a social security number.
  • the methods may involve one or more processes.
  • a process is defined as computer software that accumulates electronic records corresponding to facts, figures, inquiries and conclusions, provides reports and summaries regarding status of the records and unfulfilled requests for records, and notifies users about predetermined time-constraints on accumulation of the records.
  • the methods may include initializing an electronic evaluation-process corresponding to the request.
  • the methods may include determining that the social security number is electronically flagged by the customer.
  • the methods may include initializing an electronic trouble-mitigation process corresponding to the request. Records in the electronic evaluation process may be viewable under either of the first permission and the second permission. Records in the electronic trouble-mitigation process may be records that are not viewable under the first permission and viewable under the second permission.
  • the determining may include identifying the social security number in a registry.
  • the methods may include accessing the registry as an institutional user and not accessing the registry as an administrator of the registry.
  • the methods may include assigning to the evaluation process an evaluation timeline.
  • the methods may include adding a series of evaluation records to the evaluation process in conformance with the timeline.
  • the methods may include, during the adding, echoing an evaluation record from the evaluation process to the trouble-mitigation process.
  • the methods may include transmitting to a customer mobile communication device an alert indicating initiation of the trouble-mitigation process.
  • the methods may include, trouble-mitigation process, adding to the evaluation process a record requiring biometric authentication of the customer.
  • the source of a record corresponding to the requirement may be unidentifiable in the evaluation process by the first representatives.
  • the methods may include, from the trouble-mitigation process, adding to the evaluation process a record requiring in-person attendance of the customer at a meeting with first representatives.
  • the source of a record corresponding to the requirement being unidentifiable in the evaluation process by the first representatives.
  • the methods may include, from the trouble-mitigation process, adding to the evaluation process a record requiring an electronic on-card communication from the customer.
  • the source of a record corresponding to the requirement being unidentifiable in the evaluation process by the first representatives.
  • the methods may include providing to the customer a link to the social security number registry.
  • the determining may include authenticating an institution to the registry.
  • the methods may include echoing a record from the evaluation process to the trouble-mitigation process.
  • the methods may include transmitting a suspicious activity report to an intervention party.
  • the methods may include electronically granting the second permission to the intervention party.
  • the methods may include receiving a stop-process instruction from the intervention party.
  • the methods may include, from the trouble-mitigation process, adding to the evaluation process a record including a stop-process instruction.
  • the source of the record corresponding to the requirement may be unidentifiable in the evaluation process by the first representatives.
  • the methods may include denying the request.
  • the methods may include electronically searching public documents naming the customer.
  • the methods may include culling the documents based on indicia of economic exploitation.
  • the methods may include entering into the trouble-mitigation process a record corresponding to a culled document.
  • the request may be a current request that is received by a product vendor.
  • the methods may include identifying in an archive owned by the vendor a record of a prior request naming the customer.
  • the methods may include entering into the trouble-mitigation process a record indicating historical activity naming the customer.
  • the methods may include, in response to the historical activity, transmitting an electronic alert to an administrator authorized to obtain both the first and the second permission.
  • the methods may include identifying in an archive owned by the vendor a record of a prior request naming an individual that is not the customer.
  • the methods may include entering into the trouble-mitigation process a record indicating historical activity naming the individual.
  • the apparatus and methods may include methods for controlling flow of a product between a customer and a vendor.
  • the methods may include receiving an Answer-to-Reset (“ATR”) response from an information card.
  • ATR Answer-to-Reset
  • Table 3 lists illustrative standards that involve answers-to-reset, communication between computers, card readers, cards, and the like.
  • Table 4 lists illustrative types of information cards.
  • the methods may include using an off-card process, displaying on a card-accepting device an instruction to enter a user trouble-key sequence.
  • a user may enter the trouble-key sequence to indicate a trouble condition.
  • the trouble condition may be urgent.
  • the trouble condition may be non-urgent.
  • the methods may include receiving the trouble code.
  • the methods may include, in response to receiving the trouble code, communicating to a back-end system a trouble code flag.
  • the methods may include transmitting to the information card an application selection.
  • the trouble-key sequence may correspond to a duress condition.
  • the duress condition may be non-urgent.
  • the trouble-key sequence may correspond to a panic condition.
  • the panic condition may be urgent. If the user indicates duress, the trouble-mitigation process may track the evaluation process without interfering with the evaluation process. This may allow intervention parties to engage in a first level of fact gathering. If the user indicates panic, the trouble-mitigation process may track the evaluation process, but may intervene in the evaluation process before completion of the evaluation process to protect the user from imminent harm.
  • the instruction may include both a duress element and a panic element.
  • the instruction may include a first prompt for the user to provide a first trouble key sequence to signal duress.
  • the instruction may include a second prompt for the user to provide a second trouble key sequence to signal panic.
  • the methods may include, using the off-card process providing the trouble-key sequence to the information card.
  • the methods may include, using the off-card process receiving from the smart-card a verification of the trouble-key sequence.
  • the methods may include, after receiving the trouble code, engaging electronically in an information card application selection negotiation.
  • the methods may include verifying a customer identity.
  • the methods may include placing an electronic tag on an interaction between a reader and the information card.
  • the methods may include transmitting to an issuer back-end system the trouble flag and the tag.
  • the methods may include receiving at the back-end system the trouble flag and the tag.
  • the methods may include using the tag to identify a customer.
  • the methods may include establishing a one-way viewport from an intervention process to subsequent transactions between a provider of the product and the customer.
  • a viewport may be a logically defined viewport.
  • a viewport may be defined by a logical permission to view a data record.
  • the methods may include initiating a search for publicly available records corresponding to the customer.
  • the methods may include reporting to a case manager results from the search.
  • the methods may include providing to a law enforcement agency electronic access to the viewport.
  • the customer may be a first customer having a first risk profile.
  • the risk profile may be correlated statistically with another customer's risk profile.
  • the correlation may be based on behavioral attributes.
  • the behavioral attributes may signify patterns of being subjected to economic exploitation. Table 5 lists illustrative attributes.
  • Illustrative attributes Identification attributes Past intervention events Past co-signor participation in product applications Past bankruptcy Past payment to accounts naming others Past cosigning with applicants implicated in acts of economic exploitation Public records indicating involvement in suspicious economic activity Other suitable attributes
  • the viewport may be a first viewport.
  • the methods may include providing to the law enforcement agency electronic access to a second viewport that corresponds to a second customer having a second risk profile that is correlated with the first risk profile.
  • the communicating may initiate an electronic trouble-mitigation process.
  • the transmitting may initiate an electronic evaluation process.
  • the methods may include electronically granting a first permission, for interacting with a customer, to first institutional representatives.
  • the methods may include electronically granting a second permission, excluding interacting with the customer, to second institutional representatives. Records in the electronic evaluation process may be viewable under either of the first permission and the second permission. Records in the electronic trouble-mitigation process may be records that are not viewable under the first permission and are viewable under the second permission.
  • the methods may include assigning to the evaluation process an evaluation timeline.
  • the methods may include adding a series of evaluation records to the evaluation process in conformance with the timeline.
  • Table 6 lists illustrative evaluation records.
  • Illustrative evaluation records Cash on Hand & in banks Accounts Payable Savings Accounts Notes Payable to Banks and Others IRA or Other Retirement Account Installment Account (Auto) Accounts & Notes Receivable Life Insurance - Cash Surrender Value Loan(s) against Life Insurance Stocks and Bonds Mortgages on Real Estate Real Estate Unpaid Taxes Automobiles Other Liabilities Other Personal Property Salary Loans, as Endorser or Co-Maker Net Investment Income Legal Claims & Judgments Real Estate Income Other suitable evaluation records
  • the methods may include, during the adding, echoing an evaluation record from the evaluation process to the trouble-mitigation process.
  • the methods may include transmitting a suspicious activity report to an intervention.
  • the methods may include electronically granting the second permission to the intervention party.
  • the methods may include receiving a stop-process instruction from the intervention party.
  • the methods may include, from the trouble-mitigation process, adding to the evaluation process a record including a stop-process instruction.
  • the source of the record corresponding to the requirement may be unidentifiable in the evaluation process by the first representatives.
  • the methods may include receiving from the information card a transaction certificate.
  • the transaction certificate may include an application protocol data unit (“ADPU”) transaction certificate (“TC”) message.
  • ADPU application protocol data unit
  • TC transaction certificate
  • the apparatus and methods may include apparatus for card acceptance.
  • the apparatus may include a card acceptance device.
  • the card may be an information card.
  • the apparatus may include a numerical key pad.
  • the pad may include one or more keys corresponding, respectively, to numerals 0, 1, 2, 3, 4, 5 6, 7, 8 and 9.
  • the apparatus may include a pound key (“#”).
  • the apparatus may include a star key (“*”).
  • the apparatus may include an ENTER key.
  • the apparatus may include a CANCEL key.
  • the apparatus may include a trouble key.
  • the trouble key may be exclusively for transmitting a trouble flag.
  • the apparatus may include an off-card microprocessor configured to sense an activation of a key of the keys.
  • the apparatus may include an operating system for the off-card microprocessor.
  • the microprocessor may be configured to exchange APDU messages, with an information card, based on activation of the keys.
  • the microprocessor may be configured to transmit, in response to activation of the trouble key, to a back-end system, a trouble flag that is logically linked to the customer through a transaction identifier.
  • the operating system may be configured to do one, some or all of the following acts before transmitting the trouble flag: receive from a user a PIN; provide the PIN to the card; and receive from the card verification of the PIN.
  • the operating system may be configured to provide the PIN to the card as an argument of an APDU command.
  • the apparatus may include an enclosure.
  • the enclosure may enclose the microprocessor.
  • the enclosure may support the keypad.
  • the enclosure may bear the trouble key. Trouble key may be disposed external to the keypad.
  • the enclosure may include a top facet bearing the keypad.
  • the enclosure may include a top facet bearing the keypad.
  • the enclosure may include a vertical prism bearing the trouble key.
  • the prism may include a shape in which facets or tangents to the facets are oriented parallel or near parallel to an axis.
  • the trouble key may be in electronic communication with the microprocessor.
  • the prism may include a first vertical lateral facet.
  • the prism may include a second vertical lateral facet opposite the first lateral facet.
  • the prism may include a card slot facet extending, adjacent an end of the keypad having the star and pound keys, between the first and second vertical lateral facets.
  • the prism may include a distal vertical facet extending, adjacent an end of the keypad having the 1, 2, and 3 keys, between the first and second vertical lateral facets.
  • the first vertical lateral facet may bear the trouble key.
  • the card slot facet may bear the trouble key.
  • the distal vertical facet may bear the trouble key.
  • the apparatus may include, when the trouble key is a first trouble key, a second trouble key in electronic communication with the microprocessor.
  • the operating system may be configured to transmit the trouble flag only after activation of both the first and second trouble keys.
  • the operating system may be configured to transmit the trouble flag only after simultaneous activation of both the first and second trouble keys.
  • the operating system may be configured to transmit the trouble flag only after a sequence of activations of both the first and second trouble keys.
  • the first vertical lateral facet may bear the first trouble key.
  • the second vertical lateral facet may bear the second trouble key.
  • the trouble key may include a sensor.
  • Table 7 lists illustrative sensors.
  • Temperature sensor Pressure sensor Capacitance sensor Displacement sensor Electrical resistance (conductance) sensor e.g., for closing a circuit with a body part, e.g., hand, fingers
  • Other suitable sensors e.g., Temperature sensor Pressure sensor Capacitance sensor Displacement sensor Electrical resistance (conductance) sensor (e.g., for closing a circuit with a body part, e.g., hand, fingers)
  • Other suitable sensors e.g., for closing a circuit with a body part, e.g., hand, fingers
  • the apparatus and methods may include methods for initiating a silent alarm in a card reader.
  • the methods may include receiving at a card acceptance device an ATR response from an information card.
  • the methods may include using an off-card process selecting an on-card app.
  • the application may be a security app.
  • the application may be a customer identification app.
  • the application may be a customer verification methods (“CVM”) app.
  • the methods may include using the off-card process, displaying on the card acceptance device an instruction to activate a security circuit on an information card.
  • the methods may include receiving from the information card a trouble flag corresponding to activation by a user of a security circuit on the card.
  • the methods may include receiving a user identification verification from the information card.
  • the methods may include, after the receiving, communicating the trouble flag and a unique verification identifier to a back-end system.
  • the methods may include, using the off-card process, receiving a user authorization to complete an on-card transaction.
  • the methods may include, using the off-card process, displaying a transaction completed message on a display.
  • the trouble flag may correspond to a duress condition.
  • the trouble flag may correspond to a panic condition.
  • the instruction may include both a duress element and a panic element.
  • the methods may include receiving at the back-end system the trouble flag and the tag.
  • the methods may include using the tag to identify a customer.
  • the methods may include establishing a one-way viewport from an intervention process to subsequent transactions between a provider of the product and the customer.
  • the methods may include initiating a search for publicly available records corresponding to the customer.
  • the methods may include reporting to a case manager results from the search.
  • the methods may include providing to a law enforcement agency electronic access to the viewport.
  • the methods may include, when the customer is a first customer having a first risk profile, and the viewport is a first viewport, providing to the law enforcement agency electronic access to a second viewport that corresponds to a second customer having a second risk profile that is correlated with the first risk profile.
  • the apparatus and methods may include methods for communicating a trouble condition from an information card to a card issuer.
  • the methods may include transmitting from an on-card microprocessor a first program identifier and a second program identifier.
  • the methods may include receiving at the microprocessor a card reader selection of the first program identifier.
  • the methods may include receiving at the microprocessor a card reader APDU request for a security circuit status.
  • the methods may include receiving at the microprocessor a clock circuit count range corresponding to an expected user interaction with the information card.
  • the methods may include, using the microprocessor, detecting the user interaction during the range.
  • the methods may include, in response to the detecting, transmitting from the microprocessor a trouble flag.
  • the detecting may include detecting at a microchip auxiliary contact a signal corresponding to the interaction.
  • the methods may include, when the signal is a first signal, and the interaction is a first interaction, detecting at the microchip auxiliary a second signal corresponding to a second user interaction with the information card.
  • the first signal may have a first time constant.
  • the second signal may have a second time constant.
  • the first signal may be responsive to a first sensor on the information card.
  • the second signal may be responsive to a second sensor on the information card.
  • the microprocessor may be configured to transmit the trouble flag only after detection of both the first and second signals.
  • the methods may include transmitting from the information card to the reader a trouble sequence.
  • the microprocessor may be configured to transmit the trouble flag only after detection of the first and second trouble keys in the sequence.
  • the microprocessor may be configured to transmit to the reader: the trouble flag; and, after the trouble flag, ancon APDU TC message.
  • the first signal may be responsive to a temperature sensor on the information card.
  • the first signal may be responsive to a capacitance sensor on the information card.
  • the first signal may be responsive to a displacement sensor on the information card.
  • the first and second signals may correspond to closure of a circuit opening between the first and the second sensors.
  • FIG. 1 is a block diagram that illustrates a computing device 101 (alternatively referred to herein as a “server or computer”) that may be used in accordance with the principles of the invention.
  • the computer server 101 may have a processor 103 for controlling overall operation of the server and its associated components, including RAM 105 , ROM 107 , input/output (“I/O”) module 109 , and memory 115 .
  • I/O module 109 may include a microphone, keypad, touchscreen and/or stylus through which a user of device 101 may provide input, and may also include one or more of a speaker for providing audio output and a video display device for providing textual, audiovisual and/or graphical output.
  • Software may be stored within memory 115 and/or other storage (not shown) to provide instructions to processor 103 for enabling server 101 to perform various functions.
  • memory 115 may store software used by server 101 , such as an operating system 117 , application programs 119 , and an associated database 111 .
  • some or all of computer executable instructions of server 101 may be embodied in hardware or firmware (not shown).
  • Server 101 may operate in a networked environment supporting connections to one or more remote computers, such as terminals 141 and 151 .
  • Terminals 141 and 151 may be personal computers or servers that include many or all of the elements described above relative to server 101 .
  • the network connections depicted in FIG. 1 include a local area network (LAN) 125 and a wide area network (WAN) 129 , but may also include other networks.
  • LAN local area network
  • WAN wide area network
  • computer 101 When used in a LAN networking environment, computer 101 is connected to LAN 125 through a network interface or adapter 113 .
  • server 101 may include a modem 127 or other means for establishing communications over WAN 129 , such as Internet 131 .
  • network connections shown are illustrative and other means of establishing a communications link between the computers may be used.
  • the existence of any of various well-known protocols such as TCP/IP, Ethernet, FTP, HTTP and the like is presumed, and the system may be operated in a client-server configuration to permit a user to retrieve web pages from a web-based server.
  • Any of various conventional web browsers may be used to display and manipulate data on web pages.
  • application program 119 which may be used by server 101 , may include computer executable instructions for invoking user functionality related to communication, such as email, short message service (SMS), and voice input and speech recognition applications.
  • SMS short message service
  • Computing device 101 and/or terminals 141 or 151 may also be mobile terminals including various other components, such as a battery, speaker, and antennas (not shown).
  • Terminal 151 and/or terminal 141 may be portable devices such as a laptop, tablet, smartphone or any other suitable device for receiving, storing, transmitting and/or displaying relevant information.
  • One or more of applications 119 may include one or more algorithms that may be used to perform the functions of one or more of the customer authentication engine, social security registration engine, social security number database server, trouble mitigation inquiry authentication engine, reporting engine, evaluation process, trouble mitigation process, and/or perform any other suitable tasks.
  • the invention may be operational with numerous other general purpose or special purpose computing system environments or configurations.
  • Examples of well-known computing systems, environments, and/or configurations that may be suitable for use with the invention include, but are not limited to, personal computers, server computers, hand-held or laptop devices, tablets, mobile phones and/or other personal digital assistants (“PDAs”), multiprocessor systems, microprocessor-based systems, set top boxes, programmable consumer electronics, network PCs, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and the like.
  • PDAs personal digital assistants
  • the invention may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer.
  • program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types.
  • the invention may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network.
  • program modules may be located in both local and remote computer storage media including memory storage devices.
  • FIG. 2 shows an illustrative apparatus 200 that may be configured in accordance with the principles of the invention.
  • Apparatus 200 may be a computing machine. Apparatus 200 may include one or more features of the apparatus that is shown in FIG. 1 .
  • Apparatus 200 may include chip module 202 , which may include one or more integrated circuits, and which may include logic configured to perform any other suitable logical operations.
  • Apparatus 200 may include one or more of the following components: I/O circuitry 204 , which may include a transmitter device and a receiver device and may interface with fiber optic cable, coaxial cable, telephone lines, wireless devices, PHY layer hardware, a keypad/display control device or any other suitable encoded media or devices; peripheral devices 206 , which may include counter timers, real-time timers, power-on reset generators or any other suitable peripheral devices; logical processing device 208 , which may compute imminence, permanence, edge weights, mapping, and perform other methods described herein; and machine-readable memory 210 .
  • I/O circuitry 204 which may include a transmitter device and a receiver device and may interface with fiber optic cable, coaxial cable, telephone lines, wireless devices, PHY layer hardware, a keypad/display control device or any other suitable encoded media or devices
  • peripheral devices 206 which may include counter timers, real-time timers, power-on reset generators or any other suitable peripheral devices
  • Machine-readable memory 210 may be configured to store in machine-readable data structures: tokens, patterns, codes, executor registration information, super-executor registration information, co-executor registration information and any other suitable information or data structures.
  • Components 202 , 204 , 206 , 208 and 210 may be coupled together by a system bus or other interconnections 212 and may be present on one or more circuit boards such as 220 . In some embodiments, the components may be integrated into a single chip.
  • the chip may be silicon-based.
  • FIGS. 3-4 show illustrative architectures that may include one or more of the features show in or described in connection with FIGS. 1 and 2 .
  • FIG. 3 shows illustrative architecture 300 for controlling flow of a product between a customer and a vendor.
  • Architecture 300 may include enterprise core 302 .
  • the vendor may own enterprise core 302 .
  • the vendor may control enterprise core 302 .
  • Architecture 300 may include enterprise operational unit 304 .
  • the vendor may own enterprise operational unit 304 .
  • the vendor may control enterprise operational unit 304 .
  • Architecture 300 may include enterprise operational unit 306 .
  • the vendor may own enterprise operational unit 306 .
  • the vendor may control enterprise operational unit 306 .
  • Architecture 300 may include social security number registration platform 308 .
  • Architecture 300 may include enterprise WAN 310 .
  • Customer C may be in communication with WAN 310 via internet I.
  • Customer C may be present with evaluation team members D at operational unit 304 .
  • Architecture 300 may include access to cellular communication network 311 .
  • Enterprise core 302 may include server 312 for exchanging product evaluation-related information.
  • Evaluation-zone related services may be provided by one or more applications served by application servers 314 .
  • Servers 314 may exchange applications and data with machine readable memory in data stores 316 .
  • Data stores 316 may be backed up by backup system 318 .
  • Enterprise operational unit 304 may provide retail or business-to-business services to registered customer C.
  • Unit 304 may include one or more evaluation team members D.
  • Unit 304 may include one or more evaluation team workstations 319 .
  • Evaluation team members D may collect evaluation records from customer C, the vendor itself, or entities separate from the vendor.
  • Evaluation team members D may interact with the evaluation process via workstations 319 .
  • the evaluation team may use the apparatus and methods to perform the evaluation process on a request by customer C for a product.
  • the evaluation process may be supported by an application served by application server 322 .
  • Server 322 may exchange document information with data stores 324 .
  • HTML server 326 may provide the team with views of the evaluation process, status information about the evaluation process, permissions, and forms and data for reaching a decision about customer C's request.
  • Operational unit 304 may include card reader 329 .
  • Card reader 329 may include a card acceptance device.
  • Card reader 329 may be configured to exchange information with information card 331 .
  • Information card 331 may be designated for customer C.
  • Enterprise operational unit 306 may provide infrastructure for trouble mitigation team members T to perform in conjunction with a trouble mitigation process.
  • Unit 306 may include one or more trouble mitigation team workstations 328 .
  • Trouble mitigation team members T may receive a trouble flag from customer C via an application served by application server 330 .
  • Server 330 may trouble mitigation information, such as the attributes, with data stores 332 .
  • HTML server 334 may provide trouble mitigation team members T with the attributes, trouble flags, and suitable forms, permissions, and data for performing the trouble mitigation process.
  • Elements in operational unit 306 may be interconnected through LAN 336 .
  • Any of the workstations may be mobile.
  • the mobile devices may be in wireless communication with cellular network 311 .
  • Cellular network 311 may be in wireless connection with one or both of WAN 310 and platform 308 .
  • Platform 308 may include customer authentication engine 340 .
  • Platform 308 may include social security number registration engine 342 .
  • Platform 308 may include social security number registration database server 344 .
  • Platform 308 may include trouble mitigation inquiry authentication engine 346 .
  • Platform 308 may include reporting engine 348 .
  • the members of the home and visiting teams may be distributed geographically. Both home and visiting team members may be present at one or more of the operational units, such as 304 and 306 .
  • Customer C may provide proof of identity to social security number registration platform 308 using customer authentication engine 340 .
  • Customer C may register customer C's social security number using social security number registration engine 342 .
  • Registration engine 342 may provide customer C with a profile, permissions to change the profile, and one or more conditions for disclosure of information in the profile.
  • Social security number database server 344 may store customer C's profile in connection with customer C's social security number.
  • a trouble mitigation team member T may respond to a trouble flag by authenticating team member T to trouble mitigation inquiry authentication engine 346 .
  • Reporting engine 348 may provide team member T with confirmation of customer C's registration in a database in communication with server 344 .
  • Reporting engine 348 may provide team member T with a report that includes some or all of the elements of the profile.
  • Mitigation team members T may provide access to the mitigation process to intervention party P.
  • FIG. 4 shows illustrative card reader 400 .
  • Card reader 400 may be illustrative of card reader 329 (shown in FIG. 3 ).
  • Card reader 400 may include prismatic facets 402 , 404 , 406 (not shown) and 408 (not shown).
  • Prismatic facets 402 , 404 , 406 and 408 may support top facet 410 .
  • Top facet 410 may support key pad 412 .
  • Key pad 412 may include numerical keys 1-9, a star key, and a pound key.
  • Information card slot 414 may be provided through facet 402 .
  • Top facet 410 may bear trouble key 416 .
  • Card reader 400 may include a processor (not shown). The processor may operate with an operating system that operates in conformance with one or more of the standards.
  • Card reader 400 may include a microcontroller that has a hardware terminal. Trouble key 416 may be in electronic communication with the microcontroller.
  • FIG. 5 shows illustrative card reader 500 .
  • Card reader 500 may be illustrative of card reader 329 (shown in FIG. 3 ).
  • Card reader 500 may include prismatic facets 502 , 504 , 506 (not shown) and 508 (not shown).
  • Prismatic facets 502 , 504 , 506 and 508 may support top facet 510 .
  • Top facet 510 may support key pad 512 .
  • Key pad 512 may include numerical keys 1-9, a star key, and a pound key.
  • Information card slot 514 may be provided through facet 502 .
  • Facet 504 may bear trouble key 516 .
  • Card reader 500 may include a processor (not shown). The processor may operate with an operating system that operates in conformance with one or more of the standards.
  • Card reader 500 may include a microcontroller that has a hardware terminal. Trouble key 516 may be in electronic communication with the microcontroller.
  • FIG. 6 shows illustrative card reader 600 .
  • Card reader 600 may be illustrative of card reader 329 (shown in FIG. 3 ).
  • Card reader 600 may include prismatic facets 602 , 604 , 606 (not shown) and 608 (not shown).
  • Prismatic facets 602 , 604 , 606 and 608 may support top facet 610 .
  • Top facet 610 may support key pad 612 .
  • Key pad 612 may include numerical keys 1-9, a star key, and a pound key.
  • Information card slot 614 may be provided through facet 602 .
  • Facet 604 may bear trouble key 616 .
  • Facet 608 may bear trouble key 618 (shown through card reader 600 ).
  • Card reader 600 may include a processor (not shown).
  • the processor may operate with an operating system that operates in conformance with one or more of the standards.
  • Card reader 600 may include a microcontroller that has a hardware terminal. Trouble key 616 may be in electronic communication with the microcontroller. Trouble key 618 may be in electronic communication with the microcontroller.
  • FIG. 7 shows illustrative information card 700 .
  • Information card 700 may be illustrative of information card 331 (shown in FIG. 3 ).
  • Information card 700 may include one or more laminae 702 .
  • Information card 700 may include chip 704 .
  • Chip 704 may include one or more contact terminals 706 .
  • Chip 704 may communicate with the card reader through one or more of terminals 706 .
  • Information card 700 may include an antenna (not shown). Chip 704 may communicate with the card reader, via contactless card protocols, via the antenna.
  • Dip length D may be a length of card 700 that is disposed inside a card reader such as 329 (shown in FIG. 3 ) when card 700 is dipped into the card reader and in position for communication with the card reader.
  • Exposed length E may be a length of card 700 that remains exposed outside the card reader when card 700 is dipped into the card reader and in position for communication with the card reader.
  • Information card 700 may include TROUBLE key 708 .
  • TROUBLE key 708 may be disposed in a region of card 700 that corresponds to length E.
  • Information card may include conductor 710 .
  • Conductor 710 may be in electronic communication with TROUBLE key 708 .
  • TROUBLE key 708 may include one or more of the sensors.
  • Conductor 710 may be in electronic communication with terminal 712 .
  • Conductor 710 may be disposed between two or more laminae 702 .
  • TROUBLE key 708 may be laminated to top surface 714 (embossed with name of customer C) of card 700 .
  • TROUBLE key 708 may be embedded in one or more of laminae 702 .
  • TROUBLE key 708 may be partially embedded in one or more of laminae 702 .
  • FIG. 8 shows illustrative information card 800 .
  • Information card 800 may be illustrative of information card 331 (shown in FIG. 3 ).
  • Information card 800 may include one or more laminae 802 .
  • Information card 800 may include chip 804 .
  • Chip 804 may include one or more contact terminals 806 .
  • Chip 804 may communicate with the card reader through one or more of terminals 806 .
  • Information card 800 may include an antenna (not shown). Chip 804 may communicate with the card reader, via contactless card protocols, via the antenna.
  • Information card 800 may include TROUBLE key 808 .
  • TROUBLE key 808 may be disposed in a region of card 800 that corresponds to length E.
  • Information card may include conductor 810 .
  • Conductor 810 may be in electronic communication with TROUBLE key 808 .
  • TROUBLE key 808 may include one or more of the sensors.
  • Conductor 810 may be in electronic communication with terminal 812 .
  • Conductor 810 may be disposed between two or more laminae 802 .
  • TROUBLE key 808 may be laminated to bottom surface 814 (reverse of the side having embossed customer name) of card 800 .
  • TROUBLE key 808 may be embedded in one or more of laminae 802 .
  • TROUBLE key 808 may be partially embedded in one or more of laminae 802 .
  • FIG. 9 shows illustrative information card 900 .
  • Information card 900 may be illustrative of information card 331 (shown in FIG. 3 ).
  • Information card 900 may include one or more laminae 902 .
  • Information card 900 may include chip 904 .
  • Chip 904 may include one or more contact terminals 906 .
  • Chip 904 may communicate with the card reader through one or more of terminals 906 .
  • Information card 900 may include an antenna (not shown). Chip 904 may communicate with the card reader, via contactless card protocols, via the antenna.
  • Information card 900 may include TROUBLE key 908 .
  • TROUBLE key 908 may be disposed in a region of card 900 that corresponds to length E.
  • Information card may include conductor 910 .
  • Conductor 910 may be in electronic communication with TROUBLE key 908 .
  • TROUBLE key 908 may include one or more of the sensors.
  • Conductor 910 may be in electronic communication with terminal 912 .
  • Conductor 910 may be disposed between two or more laminae 902 .
  • TROUBLE key 908 may be laminated to card side 914 of card 900 .
  • TROUBLE key 908 may be laminated to a card side opposite card side 914 of card 900 .
  • TROUBLE key 908 may be embedded in one or more of laminae 902 .
  • TROUBLE key 908 may be partially embedded in one or more of laminae 902 .
  • FIG. 10 shows illustrative information card 1000 .
  • Information card 1000 may be illustrative of information card 331 (shown in FIG. 3 ).
  • Information card 1000 may include one or more laminae (not shown).
  • Information card 1000 may include chip 1004 .
  • Chip 1004 may include one or more contact terminals 1006 .
  • Chip 1004 may communicate with the card reader through one or more of terminals 1006 .
  • Information card 1000 may include an antenna (not shown). Chip 1004 may communicate with the card reader, via contactless card protocols, via the antenna.
  • Information card 1000 may include TROUBLE key 1008 .
  • TROUBLE key 1008 may be disposed in a region of card 1000 that corresponds to length E.
  • Information card may include conductor 1010 .
  • Conductor 1010 may be in electronic communication with TROUBLE key 1008 .
  • TROUBLE key 1008 may include one or more of the sensors.
  • Conductor 1010 may be in electronic communication with terminal 1012 .
  • Conductor 1010 may be disposed between two or more of the laminae.
  • TROUBLE key 1008 may be laminated to card side 1014 of card 1000 .
  • TROUBLE key 1008 may be laminated to a card side opposite card side 1014 of card 1000 .
  • TROUBLE key 1008 may be embedded in one or more of the laminae.
  • TROUBLE key 1008 may be partially embedded in one or more of laminae 1002 .
  • Information card 1000 may include TROUBLE key 1009 .
  • TROUBLE key 1009 may be disposed in a region of card 1000 that corresponds to length E.
  • Information card may include conductor 1011 .
  • Conductor 1011 may be in electronic communication with TROUBLE key 1009 .
  • TROUBLE key 1009 may include one or more of the sensors.
  • Conductor 1011 may be in electronic communication with terminal 1012 .
  • Conductor 1011 may be disposed between two or more of the laminae.
  • TROUBLE key 1009 may be laminated to card side 1014 of card 1000 .
  • TROUBLE key 1009 may be laminated to a card side opposite card side 1014 of card 1000 .
  • TROUBLE key 1009 may be embedded in one or more of the laminae.
  • TROUBLE key 1009 may be partially embedded in one or more of laminae 1002 .
  • Information card 1000 may include both TROUBLE keys 1008 and 1009 .
  • Apparatus may omit features shown and/or described in connection with illustrative apparatus. Embodiments may include features that are neither shown nor described in connection with the illustrative apparatus. Features of illustrative apparatus may be combined. For example, an illustrative embodiment may include features shown in connection with another illustrative embodiment.
  • a “system” may include one or more of the features of the apparatus that are shown in FIGS. 1-10 and/or any other suitable device or approach.
  • the “system” may include one or more means for performing one or more of the steps described herein.
  • Embodiments may omit steps shown and/or described in connection with illustrative methods. Embodiments may include steps that are neither shown nor described in connection with illustrative methods.
  • Illustrative method steps may be combined.
  • an illustrative method may include steps shown in connection with another illustrative method.
  • FIG. 11 shows illustrative steps of process 1100 in accordance with the principles of the invention.
  • Process 1100 may begin at step 1102 .
  • a system may electronically grant a first permission.
  • the first permission may be for interacting with a customer such as customer C (shown in FIG. 3 ).
  • the permission may be an electronic permission.
  • the permission may be a business rule that permits direct communication with customer C.
  • the electronic permission may involve the use of a login, a password, or any suitable authentication process to prevent unauthorized interaction with customer C.
  • the interaction may include viewing, adding to, or editing records of the evaluation process.
  • the first permission may be granted to first institutional representatives.
  • the system may electronically grant a second permission.
  • the second permission may be for interacting with customer C (shown in FIG. 3 ).
  • the permission may be an electronic permission.
  • the permission may be a business rule that prohibits direct communication of any kind with customer C.
  • the electronic permission may involve the use of a login, a password, or any suitable authentication process to prevent unauthorized interaction with customer C.
  • the interaction may include viewing, adding to, or editing records of the trouble mitigation process.
  • the second permission may be granted to second institutional representatives.
  • the system may receive from a party a request for a product.
  • the request may name customer C.
  • the request may identify customer C with a social security number.
  • the party may be an associate of customer C.
  • the party may be a relative of customer C.
  • the party may have obtained from customer C access to personal information about customer C.
  • the system may initialize an electronic evaluation-process corresponding to the request. Records in the electronic evaluation process may be viewable under the first permission. Records in the electronic evaluation process may be viewable under the second permission.
  • the system may determine that the social security number has been electronically flagged by the customer.
  • the electronic flagging may be registered in the social security number registration platform (shown in FIG. 3 ).
  • the system may initialize an electronic trouble-mitigation process corresponding to the request. Records in the electronic trouble-mitigation process may be records that are not viewable under the first permission; and viewable under the second permission.
  • FIG. 12 shows illustrative steps of process 1200 in accordance with the principles of the invention.
  • Process 1200 may begin at step 1202 .
  • a system may receive an ATR response from an information card such as card 331 (shown in FIG. 3 ).
  • the system may, using an off-card process, display on a card acceptance device, such as card reader 329 (shown in FIG. 3 ), an instruction to enter a user trouble-key sequence.
  • the user may be customer C.
  • the off-card process may run, in whole or in part, on one or more of a server (such as 314 or 322 (shown in FIG. 3 ), a work station (such as 319 (shown in FIG. 3 )), a card reader (such as 329 (shown in FIG. 3 )) or any other suitable device.
  • the system may receive the trouble code.
  • the system may, in response to receiving the trouble code, communicate to a back-end system a trouble code flag.
  • the back-end system may include one or more of a server (such as 314 or 332 (shown in FIG. 3 ) and a work station (such as 328 (shown in FIG. 3 )) or any other suitable device.
  • the back-end system may include a computing environment that supports the trouble mitigation process.
  • the system may transmit to the information card an application selection.
  • the application selection may be a selection defined in one of the standards.
  • the application selection may be part of the evaluation process for the transaction of the product even when a trouble code has not been communicated.
  • the application selection may be a step that is not part of the trouble mitigation process.
  • FIG. 13 shows illustrative steps of process 1300 in accordance with the principles of the invention.
  • Process 1300 may begin at step 1302 .
  • a system may receive at a card acceptance device (such as 329 (shown in FIG. 3 )) an ATR response from an information card (such as 331 (shown in FIG. 3 )).
  • the system may, using an off-card process, select an on-card security application.
  • the off-card process may run, in whole or in part, on one or more of a server (such as 314 or 322 (shown in FIG. 3 ), a work station (such as 319 (shown in FIG. 3 )), a card reader (such as 329 (shown in FIG.
  • the security application may be a customer authentication or verification application that conforms to one or more of the standards.
  • the security application may be an online application.
  • the security application may be an off-line application.
  • the off-card process may select an on-card application that includes a security procedure. In the security procedure, the card may issue an ARQC (“go online”) APDU to the reader. In the online process, an issuer of the card may transmit to the reader an issuer authentication (an “ARPC” APDU message) of the customer.
  • the system may, using the off-card process, display on the card accepting device an instruction to the customer to activate a security circuit on an information card.
  • the instruction may instruct the customer, e.g., “PUSH TROUBLE BUTTON TO ALERT ISSUER THAT YOU ARE UNDER COERCION.”
  • the system may receive from the information card a trouble flag corresponding to activation by a user of the security circuit on the card.
  • the system may receive user identification verification from the information card.
  • the user may be the customer.
  • the system may, after receiving the trouble flag, communicate the trouble flag and a unique verification identifier to a back-end system.
  • the trouble flag and the unique verification identifier may be communicated in a context in which the trouble flag is logically linked to the electronic dialogue between the card reader and the card.
  • the unique verification identifier may uniquely identify the dialogue.
  • the back-end system may link the unique verification identifier to the card. The link may be based on the verification obtained using the security application.
  • FIG. 14 shows illustrative steps of process 1400 in accordance with the principles of the invention.
  • Process 1400 may begin at step 1402 .
  • a system may transmit from an on-card microprocessor a first program identifier and a second program identifier.
  • the system may receive, at the microprocessor, from a card reader, a selection of the first program identifier; an APDU request for a security circuit status; and a clock circuit count range corresponding to an expected user interaction with the information card.
  • the system may, using the microprocessor, detect the user interaction during the range.
  • the invention described herein may be embodied in whole or in part as a method, a data processing system, or a computer program product. Accordingly, the invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software, hardware and any other suitable approach or apparatus.

Abstract

Apparatus and methods for providing protection from economic exploitation. The apparatus and methods may include a platform for tagging a social security number and/or other suitable identification number. The system may allow a person associated with a social security number to automatically flag and deny any product or service request associated with the social security number. The alarms are “silent,” because the alarm may initiate an institution internal process in which the customer interaction with the institution follows a normal evaluation process until an intervention can be effectively executed on behalf of the customer. This reduces the likelihood of a reaction from the customer's associate prior to completing the evaluation process. A system may provide the customer with an opportunity to electronically activate an alarm by typing keystrokes on a card reader keypad or interacting with a physical sensor on the reader, on the card, or the like.

Description

    BACKGROUND
  • Access to products and services typically requires the performance of institutional evaluation on the part of a vendor. The evaluation includes verifying the identity of an individual who requests the products or services. The evaluation may also include verification of the individual's resources. Individuals may misrepresent value of the resources in connection with the request. Individuals may purport to be, or to make such a request on behalf of, a second individual who is better positioned to prove possession of assets than is the first individual. Electronic commerce and communication infrastructure have provided inexpensive and easily accessible opportunities to request products and services, and have made obtaining proof of the resources, and providing them to the vendor, easy. However, electronic commerce and communication infrastructure have made it easier for individuals to make misrepresentations about their resources and about their authority to act on behalf of others, or to pose as others. Intervention in the improper activities of such individuals benefits from proper timing to avoid injury to those being exploited.
  • Therefore, it would be desirable to provide apparatus and methods for controlling flow of products and services between a customer and a vendor to mitigate deceptive or exploitive practices that may include impersonation, coercion or force of legitimate customers or prospective customers.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • The objects and advantages of the disclosure will be apparent upon consideration of the following detailed description, taken in conjunction with the accompanying drawings, in which like reference characters refer to like parts throughout, and in which:
  • FIG. 1 shows illustrative apparatus that may be used in accordance with principles of the invention.
  • FIG. 2 shows illustrative apparatus that may be used in accordance with principles of the invention.
  • FIG. 3 shows illustrative apparatus in accordance with principles of the invention.
  • FIG. 4 shows illustrative apparatus in accordance with principles of the invention.
  • FIG. 5 shows illustrative apparatus in accordance with principles of the invention.
  • FIG. 6 shows illustrative apparatus in accordance with principles of the invention.
  • FIG. 7 shows illustrative apparatus in accordance with principles of the invention.
  • FIG. 8 shows illustrative apparatus in accordance with principles of the invention.
  • FIG. 9 shows illustrative apparatus in accordance with principles of the invention.
  • FIG. 10 shows illustrative apparatus in accordance with principles of the invention, in a partial cross-sectional view that corresponds to that taken along lines 10-10 in FIG. 9.
  • FIG. 11 shows illustrative steps of processes in accordance with principles of the invention.
  • FIG. 12 shows illustrative steps of processes in accordance with principles of the invention.
  • FIG. 13 shows illustrative steps of processes in accordance with principles of the invention.
  • FIG. 14 shows illustrative steps of processes in accordance with principles of the invention.
  • DETAILED DESCRIPTION
  • Apparatus and methods for providing protection from economic exploitation are provided.
  • “Economic exploitation” encompasses a spectrum of societal ills in which a legitimate consumer, the consumer's assets, credit, reputation, and the like, usually legitimately earned and cultivated, are used by a predator to gain access to goods and services to which the predator has no intrinsic ownership or control, or no legal rights to access or encumber.
  • This may include a domestic violence situation, for example. The customer may need to alert a vendor of the goods and services that if the customer's my social security number is used in a request for the goods and services, the vendor should automatically reject the request. This may prevent the customer from unwillingly or unwittingly being burdened with liability—for example a loan, or a series of loans.
  • The alert may be communicated to law enforcement, who may participate in analysis of the exploitation, and, if appropriate, intervention.
  • In one hypothetical scenario, a woman and man come to the vendor together for loan application. The apparatus and methods may permit the couple to to go through the process, but the loan may be denied loan without any additional checks or controls, and certainly before opening the loan account. Vendor personnel may pretend that the couple can pursue the loan through the evaluation process. The vendor may refrain from triggering any additional questions of the couple. This may prevent the triggering of additional violence. However, the vendor would annotate the vendor's records to indicate that the woman was in a domestic violence situation. The record may be used in evaluation of a subsequent loan application by the customer to show a pattern of exploitation, and, in the subsequent application, increase scrutiny for possible exploitation, and perhaps intensify or accelerate intervention.
  • The customer may use a transaction instrument such as an information card, a mobile communication device, a cell phone, or the like to alert the vendor of an issue.
  • When the request is made on a website, the download of a request form, such as an application, could itself be a trigger to alert the vendor. If the customer then includes in the form a predetermined data element, such as a social security number, and submits the form, the submission of that specific data element could then trigger the communication of the alert to the vendor, an intervention party, or both.
  • The apparatus and methods may provide a new paradigm for security—open an account only after possible triggering of an exploitation alert, and do so silently—without explanation that might provoke aggression of the predator against the customer.
  • The apparatus and methods may include providing an opportunity for the customer to opt-in to an alerting system. The system may electronically query the customer after an alarm is triggered. The customer may click a button on a mobile device. The click may indicate, “Yes, I need help,” or, “No, this is OK.” The button may include a biometrically-based signal. This may prevent the predator for impersonating the customer to opt out or circumvent the alert system.
  • The apparatus and methods may include a platform for tagging a social security number and/or other suitable identification number. The system may preventively allow a person associated with a social security number to automatically flag and deny any product or service request associated with the social security number. The denial may be permanent, temporary, or for a predetermined period of time. The denial may be conditioned upon further evaluation during the evaluation process. The period of time may be conditioned upon further evaluation during the evaluation process.
  • Detection of the customer's entry of the customer's social security number in the request may trigger an alert on the mobile device of the person. The alert may request additional information. The alert may notify the person about the request.
  • The platform may initiate a security check prior to initiation of an evaluation process upon which the provision of the product or service is conditioned. The platform may send the social security number to an intervention party. The platform may send the social security number to an investigative party to evaluate facts related to possible coercion. The investigative party may be part of the institution providing the product or services. The investigative party may be a third party. The investigative party may be part of a law enforcement agency. The investigative party may electronically search records, including police records that may name the person or an associate of the person purporting to act on behalf of the person. The fact of multiple attempts to obtain the product or services using the person's social security may be used to trigger transmission of a notice to a law enforcement agency.
  • “Evaluation” may include any process in which an offeror of the product or service receives information a customer, prospective customer, applicant, inquirer or other individual in contemplation of providing to the individual the product or services. Evaluation may include a diligence process, an analytical process, a background check process, an asset assessment process, a liability assessment process, or any other suitable process. The platform may direct that the person biometrically authenticate the person's identity. The platform may direct that the person physically appear to participate in the evaluation process.
  • Predators have different modi operandi. Some impersonate the customer online. Some impersonate the customer by telephone. Some predators request of the vendor a new service such as a credit card, a loan, a mortgage, and the like. Some predators request a cash advance. Some predators request use the customer's credit account to make transactions until a credit limit is reached. Some predators request a second mortgage using the customer's asset as collateral. Some predators use physical or psychological force on the customer.
  • The apparatus and methods may include native-feature, card-reader-based, customer-triggered silent alarms for alerting an institution that an interaction between a customer, or a customer's associate purporting to act on behalf of the customer, is being carried out under duress or coercion. When the customer authenticates to the institution by inserting an information card into a reader, the reader may provide the customer with an opportunity to activate the alarm by typing keystrokes into the reader. The keystrokes may be preselected by the customer. The keystrokes may be displayed by the reader display. The keystrokes may be a sequence related to the customer's PIN. The silent alarm is “silent,” in that the alarm may be configured to initiate an institution internal process in which the customer interaction with the institution follows a normal trajectory until an intervention can be effectively executed on behalf of the customer. This reduces the likelihood of a reaction from the customer's associate prior to completion of the interaction.
  • The apparatus and methods may include a custom card-reader-based, customer-triggered silent alarm for alerting the institution that the interaction is being carried out under duress or coercion. When a customer authenticates by inserting an information card into a reader, the reader may provide the customer with an opportunity to activate the alarm by instructing the customer to interact with a physical sensor on the reader.
  • The apparatus and methods may include a custom on-card, customer-triggered silent alarm for alerting the institution that a transaction or application is being carried out under duress or coercion. When a customer is authenticates to the institution by inserting an information card into a reader, the reader may provide the customer with an opportunity to activate the alarm by instructing the customer to interact with a circuit on the information card. The circuit may include a contact on the card chip or an auxiliary circuit built into the card. The circuit may be disposed on the card in a location that is exposed outside the reader when the card is fully inserted into the reader. The circuit may include a sensor that is downward-facing so that the customer can activate the alarm without detection by an onlooker, such as the associate.
  • The apparatus and methods may include methods for controlling flow of a product between a customer and a vendor. “Product” may include “service.” The methods may include electronically granting a first permission, for interacting with a customer, to first institutional representatives. The methods may include electronically granting a second permission, excluding interacting with the customer, to second institutional representatives. The methods may include receiving from a party a request for a product. Table 1, below, lists illustrative products.
  • TABLE 1
    Illustrative products
    Illustrative products
    Loan
    Credit card
    Cash advance
    Line of credit
    Checking account
    Savings account
    Brokerage account
    POS services account
    Custodial account
    Other suitable products
  • The request may name a customer. The request may identify the customer with a social security number.
  • The methods may involve one or more processes. A process is defined as computer software that accumulates electronic records corresponding to facts, figures, inquiries and conclusions, provides reports and summaries regarding status of the records and unfulfilled requests for records, and notifies users about predetermined time-constraints on accumulation of the records.
  • The methods may include initializing an electronic evaluation-process corresponding to the request. The methods may include determining that the social security number is electronically flagged by the customer. The methods may include initializing an electronic trouble-mitigation process corresponding to the request. Records in the electronic evaluation process may be viewable under either of the first permission and the second permission. Records in the electronic trouble-mitigation process may be records that are not viewable under the first permission and viewable under the second permission.
  • The determining may include identifying the social security number in a registry. The methods may include accessing the registry as an institutional user and not accessing the registry as an administrator of the registry.
  • The methods may include assigning to the evaluation process an evaluation timeline. The methods may include adding a series of evaluation records to the evaluation process in conformance with the timeline. The methods may include, during the adding, echoing an evaluation record from the evaluation process to the trouble-mitigation process.
  • The methods may include transmitting to a customer mobile communication device an alert indicating initiation of the trouble-mitigation process.
  • The methods may include, trouble-mitigation process, adding to the evaluation process a record requiring biometric authentication of the customer. The source of a record corresponding to the requirement may be unidentifiable in the evaluation process by the first representatives.
  • The methods may include, from the trouble-mitigation process, adding to the evaluation process a record requiring in-person attendance of the customer at a meeting with first representatives. The source of a record corresponding to the requirement being unidentifiable in the evaluation process by the first representatives.
  • The methods may include, from the trouble-mitigation process, adding to the evaluation process a record requiring an electronic on-card communication from the customer. The source of a record corresponding to the requirement being unidentifiable in the evaluation process by the first representatives.
  • The methods may include providing to the customer a link to the social security number registry.
  • The determining may include authenticating an institution to the registry.
  • The methods may include echoing a record from the evaluation process to the trouble-mitigation process.
  • The methods may include transmitting a suspicious activity report to an intervention party.
  • Table 2, below, lists illustrative intervention parties.
  • TABLE 2
    Illustrative intervention parties.
    Illustrative intervention parties
    On-file emergency contact
    Social service organization
    Legal service organization
    Government agency
    Law enforcement
    Credit bureau
    Fraud unit
    Other suitable parties
  • The methods may include electronically granting the second permission to the intervention party.
  • The methods may include receiving a stop-process instruction from the intervention party.
  • The methods may include, from the trouble-mitigation process, adding to the evaluation process a record including a stop-process instruction. The source of the record corresponding to the requirement may be unidentifiable in the evaluation process by the first representatives.
  • The methods may include denying the request.
  • The methods may include electronically searching public documents naming the customer. The methods may include culling the documents based on indicia of economic exploitation. The methods may include entering into the trouble-mitigation process a record corresponding to a culled document.
  • The request may be a current request that is received by a product vendor.
  • The methods may include identifying in an archive owned by the vendor a record of a prior request naming the customer. The methods may include entering into the trouble-mitigation process a record indicating historical activity naming the customer.
  • The methods may include, in response to the historical activity, transmitting an electronic alert to an administrator authorized to obtain both the first and the second permission.
  • The methods may include identifying in an archive owned by the vendor a record of a prior request naming an individual that is not the customer. The methods may include entering into the trouble-mitigation process a record indicating historical activity naming the individual.
  • The apparatus and methods may include methods for controlling flow of a product between a customer and a vendor. The methods may include receiving an Answer-to-Reset (“ATR”) response from an information card. Table 3 lists illustrative standards that involve answers-to-reset, communication between computers, card readers, cards, and the like.
  • TABLE 3
    Illustrative standards
    Illustrative standards
    ISO 14443 (Identification cards)
    ISO 18092/ECMA-340
    ISO 21481/ECMA-352
    ISO 7816
    PC/SC
    CCID
    Other suitable standards
  • The standards are hereby incorporated herein in their entireties.
  • Table 4 lists illustrative types of information cards.
  • TABLE 4
    Illustrative information cards
    Illustrative information cards
    Identification card
    Smart card
    Chip card
    Mag stripe card
    Contact card
    Contactless card
    Payment card
    Other suitable cards
  • The methods may include using an off-card process, displaying on a card-accepting device an instruction to enter a user trouble-key sequence. A user may enter the trouble-key sequence to indicate a trouble condition. The trouble condition may be urgent. The trouble condition may be non-urgent. The methods may include receiving the trouble code. The methods may include, in response to receiving the trouble code, communicating to a back-end system a trouble code flag. The methods may include transmitting to the information card an application selection.
  • The trouble-key sequence may correspond to a duress condition. The duress condition may be non-urgent. The trouble-key sequence may correspond to a panic condition. The panic condition may be urgent. If the user indicates duress, the trouble-mitigation process may track the evaluation process without interfering with the evaluation process. This may allow intervention parties to engage in a first level of fact gathering. If the user indicates panic, the trouble-mitigation process may track the evaluation process, but may intervene in the evaluation process before completion of the evaluation process to protect the user from imminent harm.
  • The instruction may include both a duress element and a panic element. The instruction may include a first prompt for the user to provide a first trouble key sequence to signal duress. The instruction may include a second prompt for the user to provide a second trouble key sequence to signal panic.
  • The methods may include, using the off-card process providing the trouble-key sequence to the information card. The methods may include, using the off-card process receiving from the smart-card a verification of the trouble-key sequence.
  • The methods may include, after receiving the trouble code, engaging electronically in an information card application selection negotiation. The methods may include verifying a customer identity. The methods may include placing an electronic tag on an interaction between a reader and the information card. The methods may include transmitting to an issuer back-end system the trouble flag and the tag.
  • The methods may include receiving at the back-end system the trouble flag and the tag. The methods may include using the tag to identify a customer. The methods may include establishing a one-way viewport from an intervention process to subsequent transactions between a provider of the product and the customer. A viewport may be a logically defined viewport. A viewport may be defined by a logical permission to view a data record.
  • The methods may include initiating a search for publicly available records corresponding to the customer. The methods may include reporting to a case manager results from the search. The methods may include providing to a law enforcement agency electronic access to the viewport.
  • The customer may be a first customer having a first risk profile. The risk profile may be correlated statistically with another customer's risk profile. The correlation may be based on behavioral attributes. The behavioral attributes may signify patterns of being subjected to economic exploitation. Table 5 lists illustrative attributes.
  • TABLE 5
    Illustrative attributes.
    Illustrative attributes
    Identification attributes
    Past intervention events
    Past co-signor participation in product applications
    Past bankruptcy
    Past payment to accounts naming others
    Past cosigning with applicants implicated in acts of economic exploitation
    Public records indicating involvement in suspicious economic activity
    Other suitable attributes
  • The viewport may be a first viewport. The methods may include providing to the law enforcement agency electronic access to a second viewport that corresponds to a second customer having a second risk profile that is correlated with the first risk profile.
  • The communicating may initiate an electronic trouble-mitigation process. The transmitting may initiate an electronic evaluation process.
  • The methods may include electronically granting a first permission, for interacting with a customer, to first institutional representatives. The methods may include electronically granting a second permission, excluding interacting with the customer, to second institutional representatives. Records in the electronic evaluation process may be viewable under either of the first permission and the second permission. Records in the electronic trouble-mitigation process may be records that are not viewable under the first permission and are viewable under the second permission.
  • The methods may include assigning to the evaluation process an evaluation timeline. The methods may include adding a series of evaluation records to the evaluation process in conformance with the timeline. Table 6 lists illustrative evaluation records.
  • TABLE 6
    Illustrative evaluation records.
    Illustrative evaluation records
    Cash on Hand & in banks
    Accounts Payable
    Savings Accounts
    Notes Payable to Banks and Others
    IRA or Other Retirement Account
    Installment Account (Auto)
    Accounts & Notes Receivable
    Life Insurance - Cash Surrender Value
    Loan(s) Against Life Insurance
    Stocks and Bonds
    Mortgages on Real Estate
    Real Estate
    Unpaid Taxes
    Automobiles
    Other Liabilities
    Other Personal Property
    Salary
    Loans, as Endorser or Co-Maker
    Net Investment
    Income
    Legal Claims & Judgments
    Real Estate Income
    Other suitable evaluation records
  • The methods may include, during the adding, echoing an evaluation record from the evaluation process to the trouble-mitigation process.
  • The methods may include transmitting a suspicious activity report to an intervention.
  • The methods may include electronically granting the second permission to the intervention party.
  • The methods may include receiving a stop-process instruction from the intervention party.
  • The methods may include, from the trouble-mitigation process, adding to the evaluation process a record including a stop-process instruction. The source of the record corresponding to the requirement may be unidentifiable in the evaluation process by the first representatives.
  • The methods may include receiving from the information card a transaction certificate. The transaction certificate may include an application protocol data unit (“ADPU”) transaction certificate (“TC”) message.
  • The apparatus and methods may include apparatus for card acceptance. The apparatus may include a card acceptance device. The card may be an information card.
  • The apparatus may include a numerical key pad. The pad may include one or more keys corresponding, respectively, to numerals 0, 1, 2, 3, 4, 5 6, 7, 8 and 9. The apparatus may include a pound key (“#”). The apparatus may include a star key (“*”). The apparatus may include an ENTER key. The apparatus may include a CANCEL key. The apparatus may include a trouble key. The trouble key may be exclusively for transmitting a trouble flag. The apparatus may include an off-card microprocessor configured to sense an activation of a key of the keys. The apparatus may include an operating system for the off-card microprocessor. The microprocessor may be configured to exchange APDU messages, with an information card, based on activation of the keys. The microprocessor may be configured to transmit, in response to activation of the trouble key, to a back-end system, a trouble flag that is logically linked to the customer through a transaction identifier.
  • The operating system may be configured to do one, some or all of the following acts before transmitting the trouble flag: receive from a user a PIN; provide the PIN to the card; and receive from the card verification of the PIN.
  • The operating system may be configured to provide the PIN to the card as an argument of an APDU command.
  • The apparatus may include an enclosure. The enclosure may enclose the microprocessor. The enclosure may support the keypad. The enclosure may bear the trouble key. Trouble key may be disposed external to the keypad.
  • The enclosure may include a top facet bearing the keypad. The enclosure may include a top facet bearing the keypad. The enclosure may include a vertical prism bearing the trouble key. The prism may include a shape in which facets or tangents to the facets are oriented parallel or near parallel to an axis. The trouble key may be in electronic communication with the microprocessor.
  • The prism may include a first vertical lateral facet. The prism may include a second vertical lateral facet opposite the first lateral facet. The prism may include a card slot facet extending, adjacent an end of the keypad having the star and pound keys, between the first and second vertical lateral facets. The prism may include a distal vertical facet extending, adjacent an end of the keypad having the 1, 2, and 3 keys, between the first and second vertical lateral facets.
  • The first vertical lateral facet may bear the trouble key. The card slot facet may bear the trouble key. The distal vertical facet may bear the trouble key.
  • The apparatus may include, when the trouble key is a first trouble key, a second trouble key in electronic communication with the microprocessor.
  • The operating system may be configured to transmit the trouble flag only after activation of both the first and second trouble keys. The operating system may be configured to transmit the trouble flag only after simultaneous activation of both the first and second trouble keys.
  • The operating system may be configured to transmit the trouble flag only after a sequence of activations of both the first and second trouble keys.
  • The first vertical lateral facet may bear the first trouble key. The second vertical lateral facet may bear the second trouble key. The trouble key may include a sensor.
  • Table 7 lists illustrative sensors.
  • TABLE 7
    Illustrative sensors.
    Illustrative sensors
    Temperature sensor
    Pressure sensor
    Capacitance sensor
    Displacement sensor
    Electrical resistance (conductance) sensor (e.g.,
    for closing a circuit with a body part, e.g.,
    hand, fingers)
    Other suitable sensors
  • The apparatus and methods may include methods for initiating a silent alarm in a card reader. The methods may include receiving at a card acceptance device an ATR response from an information card. The methods may include using an off-card process selecting an on-card app. The application may be a security app. The application may be a customer identification app. The application may be a customer verification methods (“CVM”) app. The methods may include using the off-card process, displaying on the card acceptance device an instruction to activate a security circuit on an information card. The methods may include receiving from the information card a trouble flag corresponding to activation by a user of a security circuit on the card. The methods may include receiving a user identification verification from the information card. The methods may include, after the receiving, communicating the trouble flag and a unique verification identifier to a back-end system.
  • The methods may include, using the off-card process, receiving a user authorization to complete an on-card transaction. The methods may include, using the off-card process, displaying a transaction completed message on a display.
  • The trouble flag may correspond to a duress condition. The trouble flag may correspond to a panic condition.
  • The instruction may include both a duress element and a panic element.
  • The methods may include receiving at the back-end system the trouble flag and the tag. The methods may include using the tag to identify a customer. The methods may include establishing a one-way viewport from an intervention process to subsequent transactions between a provider of the product and the customer.
  • The methods may include initiating a search for publicly available records corresponding to the customer. The methods may include reporting to a case manager results from the search. The methods may include providing to a law enforcement agency electronic access to the viewport.
  • The methods may include, when the customer is a first customer having a first risk profile, and the viewport is a first viewport, providing to the law enforcement agency electronic access to a second viewport that corresponds to a second customer having a second risk profile that is correlated with the first risk profile.
  • The apparatus and methods may include methods for communicating a trouble condition from an information card to a card issuer.
  • The methods may include transmitting from an on-card microprocessor a first program identifier and a second program identifier. The methods may include receiving at the microprocessor a card reader selection of the first program identifier. The methods may include receiving at the microprocessor a card reader APDU request for a security circuit status. The methods may include receiving at the microprocessor a clock circuit count range corresponding to an expected user interaction with the information card. The methods may include, using the microprocessor, detecting the user interaction during the range.
  • The methods may include, in response to the detecting, transmitting from the microprocessor a trouble flag. The detecting may include detecting at a microchip auxiliary contact a signal corresponding to the interaction.
  • The methods may include, when the signal is a first signal, and the interaction is a first interaction, detecting at the microchip auxiliary a second signal corresponding to a second user interaction with the information card.
  • The first signal may have a first time constant. The second signal may have a second time constant.
  • The first signal may be responsive to a first sensor on the information card. The second signal may be responsive to a second sensor on the information card.
  • The microprocessor may be configured to transmit the trouble flag only after detection of both the first and second signals.
  • The methods may include transmitting from the information card to the reader a trouble sequence. The microprocessor may be configured to transmit the trouble flag only after detection of the first and second trouble keys in the sequence.
  • The microprocessor may be configured to transmit to the reader: the trouble flag; and, after the trouble flag, ancon APDU TC message.
  • The first signal may be responsive to a temperature sensor on the information card. The first signal may be responsive to a capacitance sensor on the information card. The first signal may be responsive to a displacement sensor on the information card. The first and second signals may correspond to closure of a circuit opening between the first and the second sensors.
  • Illustrative embodiments of apparatus and methods in accordance with the principles of the invention will now be described with reference to the accompanying drawings, which forma part hereof. It is to be understood that other embodiments maybe utilized and that structural, functional and procedural modifications or omissions may be made without departing from the scope and spirit of the present invention.
  • FIG. 1 is a block diagram that illustrates a computing device 101 (alternatively referred to herein as a “server or computer”) that may be used in accordance with the principles of the invention. The computer server 101 may have a processor 103 for controlling overall operation of the server and its associated components, including RAM 105, ROM 107, input/output (“I/O”) module 109, and memory 115.
  • I/O module 109 may include a microphone, keypad, touchscreen and/or stylus through which a user of device 101 may provide input, and may also include one or more of a speaker for providing audio output and a video display device for providing textual, audiovisual and/or graphical output. Software may be stored within memory 115 and/or other storage (not shown) to provide instructions to processor 103 for enabling server 101 to perform various functions. For example, memory 115 may store software used by server 101, such as an operating system 117, application programs 119, and an associated database 111. Alternatively, some or all of computer executable instructions of server 101 may be embodied in hardware or firmware (not shown).
  • Server 101 may operate in a networked environment supporting connections to one or more remote computers, such as terminals 141 and 151. Terminals 141 and 151 may be personal computers or servers that include many or all of the elements described above relative to server 101. The network connections depicted in FIG. 1 include a local area network (LAN) 125 and a wide area network (WAN) 129, but may also include other networks.
  • When used in a LAN networking environment, computer 101 is connected to LAN 125 through a network interface or adapter 113.
  • When used in a WAN networking environment, server 101 may include a modem 127 or other means for establishing communications over WAN 129, such as Internet 131.
  • It will be appreciated that the network connections shown are illustrative and other means of establishing a communications link between the computers may be used. The existence of any of various well-known protocols such as TCP/IP, Ethernet, FTP, HTTP and the like is presumed, and the system may be operated in a client-server configuration to permit a user to retrieve web pages from a web-based server. Any of various conventional web browsers may be used to display and manipulate data on web pages.
  • Additionally, application program 119, which may be used by server 101, may include computer executable instructions for invoking user functionality related to communication, such as email, short message service (SMS), and voice input and speech recognition applications.
  • Computing device 101 and/or terminals 141 or 151 may also be mobile terminals including various other components, such as a battery, speaker, and antennas (not shown). Terminal 151 and/or terminal 141 may be portable devices such as a laptop, tablet, smartphone or any other suitable device for receiving, storing, transmitting and/or displaying relevant information.
  • Any information described above in connection with database 111, and any other suitable information, may be stored in memory 115. One or more of applications 119 may include one or more algorithms that may be used to perform the functions of one or more of the customer authentication engine, social security registration engine, social security number database server, trouble mitigation inquiry authentication engine, reporting engine, evaluation process, trouble mitigation process, and/or perform any other suitable tasks.
  • The invention may be operational with numerous other general purpose or special purpose computing system environments or configurations. Examples of well-known computing systems, environments, and/or configurations that may be suitable for use with the invention include, but are not limited to, personal computers, server computers, hand-held or laptop devices, tablets, mobile phones and/or other personal digital assistants (“PDAs”), multiprocessor systems, microprocessor-based systems, set top boxes, programmable consumer electronics, network PCs, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and the like.
  • The invention may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The invention may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
  • FIG. 2 shows an illustrative apparatus 200 that may be configured in accordance with the principles of the invention.
  • Apparatus 200 may be a computing machine. Apparatus 200 may include one or more features of the apparatus that is shown in FIG. 1.
  • Apparatus 200 may include chip module 202, which may include one or more integrated circuits, and which may include logic configured to perform any other suitable logical operations.
  • Apparatus 200 may include one or more of the following components: I/O circuitry 204, which may include a transmitter device and a receiver device and may interface with fiber optic cable, coaxial cable, telephone lines, wireless devices, PHY layer hardware, a keypad/display control device or any other suitable encoded media or devices; peripheral devices 206, which may include counter timers, real-time timers, power-on reset generators or any other suitable peripheral devices; logical processing device 208, which may compute imminence, permanence, edge weights, mapping, and perform other methods described herein; and machine-readable memory 210.
  • Machine-readable memory 210 may be configured to store in machine-readable data structures: tokens, patterns, codes, executor registration information, super-executor registration information, co-executor registration information and any other suitable information or data structures.
  • Components 202, 204, 206, 208 and 210 may be coupled together by a system bus or other interconnections 212 and may be present on one or more circuit boards such as 220. In some embodiments, the components may be integrated into a single chip.
  • The chip may be silicon-based.
  • FIGS. 3-4 show illustrative architectures that may include one or more of the features show in or described in connection with FIGS. 1 and 2.
  • FIG. 3 shows illustrative architecture 300 for controlling flow of a product between a customer and a vendor. Architecture 300 may include enterprise core 302. The vendor may own enterprise core 302. The vendor may control enterprise core 302. Architecture 300 may include enterprise operational unit 304. The vendor may own enterprise operational unit 304. The vendor may control enterprise operational unit 304. Architecture 300 may include enterprise operational unit 306. The vendor may own enterprise operational unit 306. The vendor may control enterprise operational unit 306.
  • Architecture 300 may include social security number registration platform 308. Architecture 300 may include enterprise WAN 310. Customer C may be in communication with WAN 310 via internet I. Customer C may be present with evaluation team members D at operational unit 304. Architecture 300 may include access to cellular communication network 311.
  • Enterprise core 302 may include server 312 for exchanging product evaluation-related information. Evaluation-zone related services may be provided by one or more applications served by application servers 314. Servers 314 may exchange applications and data with machine readable memory in data stores 316. Data stores 316 may be backed up by backup system 318.
  • Enterprise operational unit 304 may provide retail or business-to-business services to registered customer C. Unit 304 may include one or more evaluation team members D. Unit 304 may include one or more evaluation team workstations 319. Evaluation team members D may collect evaluation records from customer C, the vendor itself, or entities separate from the vendor. Evaluation team members D may interact with the evaluation process via workstations 319. The evaluation team may use the apparatus and methods to perform the evaluation process on a request by customer C for a product. The evaluation process may be supported by an application served by application server 322. Server 322 may exchange document information with data stores 324. HTML server 326 may provide the team with views of the evaluation process, status information about the evaluation process, permissions, and forms and data for reaching a decision about customer C's request. Elements in operational unit 304 may be interconnected through LAN 327. Operational unit 304 may include card reader 329. Card reader 329 may include a card acceptance device. Card reader 329 may be configured to exchange information with information card 331. Information card 331 may be designated for customer C.
  • Enterprise operational unit 306 may provide infrastructure for trouble mitigation team members T to perform in conjunction with a trouble mitigation process. Unit 306 may include one or more trouble mitigation team workstations 328. Trouble mitigation team members T may receive a trouble flag from customer C via an application served by application server 330. Server 330 may trouble mitigation information, such as the attributes, with data stores 332. HTML server 334 may provide trouble mitigation team members T with the attributes, trouble flags, and suitable forms, permissions, and data for performing the trouble mitigation process. Elements in operational unit 306 may be interconnected through LAN 336.
  • Any of the workstations may be mobile. The mobile devices may be in wireless communication with cellular network 311. Cellular network 311 may be in wireless connection with one or both of WAN 310 and platform 308.
  • Platform 308 may include customer authentication engine 340. Platform 308 may include social security number registration engine 342. Platform 308 may include social security number registration database server 344. Platform 308 may include trouble mitigation inquiry authentication engine 346. Platform 308 may include reporting engine 348.
  • The members of the home and visiting teams may be distributed geographically. Both home and visiting team members may be present at one or more of the operational units, such as 304 and 306.
  • Customer C may provide proof of identity to social security number registration platform 308 using customer authentication engine 340. Customer C may register customer C's social security number using social security number registration engine 342. Registration engine 342 may provide customer C with a profile, permissions to change the profile, and one or more conditions for disclosure of information in the profile.
  • Social security number database server 344 may store customer C's profile in connection with customer C's social security number.
  • A trouble mitigation team member T may respond to a trouble flag by authenticating team member T to trouble mitigation inquiry authentication engine 346. Reporting engine 348 may provide team member T with confirmation of customer C's registration in a database in communication with server 344. Reporting engine 348 may provide team member T with a report that includes some or all of the elements of the profile.
  • Mitigation team members T may provide access to the mitigation process to intervention party P.
  • FIG. 4 shows illustrative card reader 400. Card reader 400 may be illustrative of card reader 329 (shown in FIG. 3). Card reader 400 may include prismatic facets 402, 404, 406 (not shown) and 408 (not shown). Prismatic facets 402, 404, 406 and 408 may support top facet 410. Top facet 410 may support key pad 412. Key pad 412 may include numerical keys 1-9, a star key, and a pound key. Information card slot 414 may be provided through facet 402. Top facet 410 may bear trouble key 416. Card reader 400 may include a processor (not shown). The processor may operate with an operating system that operates in conformance with one or more of the standards. Card reader 400 may include a microcontroller that has a hardware terminal. Trouble key 416 may be in electronic communication with the microcontroller.
  • FIG. 5 shows illustrative card reader 500. Card reader 500 may be illustrative of card reader 329 (shown in FIG. 3). Card reader 500 may include prismatic facets 502, 504, 506 (not shown) and 508 (not shown). Prismatic facets 502, 504, 506 and 508 may support top facet 510. Top facet 510 may support key pad 512. Key pad 512 may include numerical keys 1-9, a star key, and a pound key. Information card slot 514 may be provided through facet 502. Facet 504 may bear trouble key 516. Card reader 500 may include a processor (not shown). The processor may operate with an operating system that operates in conformance with one or more of the standards. Card reader 500 may include a microcontroller that has a hardware terminal. Trouble key 516 may be in electronic communication with the microcontroller.
  • FIG. 6 shows illustrative card reader 600. Card reader 600 may be illustrative of card reader 329 (shown in FIG. 3). Card reader 600 may include prismatic facets 602, 604, 606 (not shown) and 608 (not shown). Prismatic facets 602, 604, 606 and 608 may support top facet 610. Top facet 610 may support key pad 612. Key pad 612 may include numerical keys 1-9, a star key, and a pound key. Information card slot 614 may be provided through facet 602. Facet 604 may bear trouble key 616. Facet 608 may bear trouble key 618 (shown through card reader 600). Card reader 600 may include a processor (not shown). The processor may operate with an operating system that operates in conformance with one or more of the standards. Card reader 600 may include a microcontroller that has a hardware terminal. Trouble key 616 may be in electronic communication with the microcontroller. Trouble key 618 may be in electronic communication with the microcontroller.
  • FIG. 7 shows illustrative information card 700. Information card 700 may be illustrative of information card 331 (shown in FIG. 3). Information card 700 may include one or more laminae 702. Information card 700 may include chip 704. Chip 704 may include one or more contact terminals 706. Chip 704 may communicate with the card reader through one or more of terminals 706. Information card 700 may include an antenna (not shown). Chip 704 may communicate with the card reader, via contactless card protocols, via the antenna.
  • Dip length D may be a length of card 700 that is disposed inside a card reader such as 329 (shown in FIG. 3) when card 700 is dipped into the card reader and in position for communication with the card reader. Exposed length E may be a length of card 700 that remains exposed outside the card reader when card 700 is dipped into the card reader and in position for communication with the card reader.
  • Information card 700 may include TROUBLE key 708. TROUBLE key 708 may be disposed in a region of card 700 that corresponds to length E. Information card may include conductor 710. Conductor 710 may be in electronic communication with TROUBLE key 708. TROUBLE key 708 may include one or more of the sensors. Conductor 710 may be in electronic communication with terminal 712. Conductor 710 may be disposed between two or more laminae 702. TROUBLE key 708 may be laminated to top surface 714 (embossed with name of customer C) of card 700. TROUBLE key 708 may be embedded in one or more of laminae 702. TROUBLE key 708 may be partially embedded in one or more of laminae 702.
  • FIG. 8 shows illustrative information card 800. Information card 800 may be illustrative of information card 331 (shown in FIG. 3). Information card 800 may include one or more laminae 802. Information card 800 may include chip 804. Chip 804 may include one or more contact terminals 806. Chip 804 may communicate with the card reader through one or more of terminals 806. Information card 800 may include an antenna (not shown). Chip 804 may communicate with the card reader, via contactless card protocols, via the antenna.
  • Information card 800 may include TROUBLE key 808. TROUBLE key 808 may be disposed in a region of card 800 that corresponds to length E. Information card may include conductor 810. Conductor 810 may be in electronic communication with TROUBLE key 808. TROUBLE key 808 may include one or more of the sensors. Conductor 810 may be in electronic communication with terminal 812. Conductor 810 may be disposed between two or more laminae 802. TROUBLE key 808 may be laminated to bottom surface 814 (reverse of the side having embossed customer name) of card 800. TROUBLE key 808 may be embedded in one or more of laminae 802. TROUBLE key 808 may be partially embedded in one or more of laminae 802.
  • FIG. 9 shows illustrative information card 900. Information card 900 may be illustrative of information card 331 (shown in FIG. 3). Information card 900 may include one or more laminae 902. Information card 900 may include chip 904. Chip 904 may include one or more contact terminals 906. Chip 904 may communicate with the card reader through one or more of terminals 906. Information card 900 may include an antenna (not shown). Chip 904 may communicate with the card reader, via contactless card protocols, via the antenna.
  • Information card 900 may include TROUBLE key 908. TROUBLE key 908 may be disposed in a region of card 900 that corresponds to length E. Information card may include conductor 910. Conductor 910 may be in electronic communication with TROUBLE key 908. TROUBLE key 908 may include one or more of the sensors. Conductor 910 may be in electronic communication with terminal 912. Conductor 910 may be disposed between two or more laminae 902. TROUBLE key 908 may be laminated to card side 914 of card 900. TROUBLE key 908 may be laminated to a card side opposite card side 914 of card 900. TROUBLE key 908 may be embedded in one or more of laminae 902. TROUBLE key 908 may be partially embedded in one or more of laminae 902.
  • FIG. 10 shows illustrative information card 1000. Information card 1000 may be illustrative of information card 331 (shown in FIG. 3). Information card 1000 may include one or more laminae (not shown). Information card 1000 may include chip 1004. Chip 1004 may include one or more contact terminals 1006. Chip 1004 may communicate with the card reader through one or more of terminals 1006. Information card 1000 may include an antenna (not shown). Chip 1004 may communicate with the card reader, via contactless card protocols, via the antenna.
  • Information card 1000 may include TROUBLE key 1008. TROUBLE key 1008 may be disposed in a region of card 1000 that corresponds to length E. Information card may include conductor 1010. Conductor 1010 may be in electronic communication with TROUBLE key 1008. TROUBLE key 1008 may include one or more of the sensors. Conductor 1010 may be in electronic communication with terminal 1012. Conductor 1010 may be disposed between two or more of the laminae. TROUBLE key 1008 may be laminated to card side 1014 of card 1000. TROUBLE key 1008 may be laminated to a card side opposite card side 1014 of card 1000. TROUBLE key 1008 may be embedded in one or more of the laminae. TROUBLE key 1008 may be partially embedded in one or more of laminae 1002.
  • Information card 1000 may include TROUBLE key 1009. TROUBLE key 1009 may be disposed in a region of card 1000 that corresponds to length E. Information card may include conductor 1011. Conductor 1011 may be in electronic communication with TROUBLE key 1009. TROUBLE key 1009 may include one or more of the sensors. Conductor 1011 may be in electronic communication with terminal 1012. Conductor 1011 may be disposed between two or more of the laminae. TROUBLE key 1009 may be laminated to card side 1014 of card 1000. TROUBLE key 1009 may be laminated to a card side opposite card side 1014 of card 1000. TROUBLE key 1009 may be embedded in one or more of the laminae. TROUBLE key 1009 may be partially embedded in one or more of laminae 1002.
  • Information card 1000 may include both TROUBLE keys 1008 and 1009.
  • Apparatus may omit features shown and/or described in connection with illustrative apparatus. Embodiments may include features that are neither shown nor described in connection with the illustrative apparatus. Features of illustrative apparatus may be combined. For example, an illustrative embodiment may include features shown in connection with another illustrative embodiment.
  • For the sake of illustration, the steps of the illustrated processes will be described as being performed by a “system.” A “system” may include one or more of the features of the apparatus that are shown in FIGS. 1-10 and/or any other suitable device or approach. The “system” may include one or more means for performing one or more of the steps described herein.
  • The steps of methods may be performed in an order other than the order shown and/or described herein. Embodiments may omit steps shown and/or described in connection with illustrative methods. Embodiments may include steps that are neither shown nor described in connection with illustrative methods.
  • Illustrative method steps may be combined. For example, an illustrative method may include steps shown in connection with another illustrative method.
  • FIG. 11 shows illustrative steps of process 1100 in accordance with the principles of the invention. Process 1100 may begin at step 1102. At step 1102, a system may electronically grant a first permission. The first permission may be for interacting with a customer such as customer C (shown in FIG. 3). The permission may be an electronic permission. The permission may be a business rule that permits direct communication with customer C. The electronic permission may involve the use of a login, a password, or any suitable authentication process to prevent unauthorized interaction with customer C. The interaction may include viewing, adding to, or editing records of the evaluation process. The first permission may be granted to first institutional representatives.
  • At step 1104, the system may electronically grant a second permission. The second permission may be for interacting with customer C (shown in FIG. 3). The permission may be an electronic permission. The permission may be a business rule that prohibits direct communication of any kind with customer C. The electronic permission may involve the use of a login, a password, or any suitable authentication process to prevent unauthorized interaction with customer C. The interaction may include viewing, adding to, or editing records of the trouble mitigation process. The second permission may be granted to second institutional representatives.
  • At step 1106, the system may receive from a party a request for a product. The request may name customer C. The request may identify customer C with a social security number. The party may be an associate of customer C. The party may be a relative of customer C. The party may have obtained from customer C access to personal information about customer C.
  • At step 1108, the system may initialize an electronic evaluation-process corresponding to the request. Records in the electronic evaluation process may be viewable under the first permission. Records in the electronic evaluation process may be viewable under the second permission.
  • At step 1110, the system may determine that the social security number has been electronically flagged by the customer. The electronic flagging may be registered in the social security number registration platform (shown in FIG. 3).
  • At step 1112, the system may initialize an electronic trouble-mitigation process corresponding to the request. Records in the electronic trouble-mitigation process may be records that are not viewable under the first permission; and viewable under the second permission.
  • FIG. 12 shows illustrative steps of process 1200 in accordance with the principles of the invention. Process 1200 may begin at step 1202. At step 1202, a system may receive an ATR response from an information card such as card 331 (shown in FIG. 3). At step 1204, the system may, using an off-card process, display on a card acceptance device, such as card reader 329 (shown in FIG. 3), an instruction to enter a user trouble-key sequence. The user may be customer C. The off-card process may run, in whole or in part, on one or more of a server (such as 314 or 322 (shown in FIG. 3), a work station (such as 319 (shown in FIG. 3)), a card reader (such as 329 (shown in FIG. 3)) or any other suitable device.
  • At step 1206, the system may receive the trouble code.
  • At step 1208, the system may, in response to receiving the trouble code, communicate to a back-end system a trouble code flag. The back-end system may include one or more of a server (such as 314 or 332 (shown in FIG. 3) and a work station (such as 328 (shown in FIG. 3)) or any other suitable device. The back-end system may include a computing environment that supports the trouble mitigation process.
  • At step 1210, the system may transmit to the information card an application selection. The application selection may be a selection defined in one of the standards. The application selection may be part of the evaluation process for the transaction of the product even when a trouble code has not been communicated. The application selection may be a step that is not part of the trouble mitigation process.
  • FIG. 13 shows illustrative steps of process 1300 in accordance with the principles of the invention. Process 1300 may begin at step 1302. At step 1302, a system may receive at a card acceptance device (such as 329 (shown in FIG. 3)) an ATR response from an information card (such as 331 (shown in FIG. 3)). At step 1304, the system may, using an off-card process, select an on-card security application. The off-card process may run, in whole or in part, on one or more of a server (such as 314 or 322 (shown in FIG. 3), a work station (such as 319 (shown in FIG. 3)), a card reader (such as 329 (shown in FIG. 3)) or any other suitable device. The security application may be a customer authentication or verification application that conforms to one or more of the standards. The security application may be an online application. The security application may be an off-line application. The off-card process may select an on-card application that includes a security procedure. In the security procedure, the card may issue an ARQC (“go online”) APDU to the reader. In the online process, an issuer of the card may transmit to the reader an issuer authentication (an “ARPC” APDU message) of the customer.
  • At step 1306, the system may, using the off-card process, display on the card accepting device an instruction to the customer to activate a security circuit on an information card. The instruction may instruct the customer, e.g., “PUSH TROUBLE BUTTON TO ALERT ISSUER THAT YOU ARE UNDER COERCION.”
  • At step 1308, the system may receive from the information card a trouble flag corresponding to activation by a user of the security circuit on the card.
  • At step 1310, the system may receive user identification verification from the information card. The user may be the customer.
  • At step 1312, the system may, after receiving the trouble flag, communicate the trouble flag and a unique verification identifier to a back-end system. The trouble flag and the unique verification identifier may be communicated in a context in which the trouble flag is logically linked to the electronic dialogue between the card reader and the card. The unique verification identifier may uniquely identify the dialogue. The back-end system may link the unique verification identifier to the card. The link may be based on the verification obtained using the security application.
  • FIG. 14 shows illustrative steps of process 1400 in accordance with the principles of the invention. Process 1400 may begin at step 1402. At step 1402, a system may transmit from an on-card microprocessor a first program identifier and a second program identifier. At step 1404, the system may receive, at the microprocessor, from a card reader, a selection of the first program identifier; an APDU request for a security circuit status; and a clock circuit count range corresponding to an expected user interaction with the information card. At step 1406, the system may, using the microprocessor, detect the user interaction during the range.
  • As will be appreciated by one of skill in the art, the invention described herein may be embodied in whole or in part as a method, a data processing system, or a computer program product. Accordingly, the invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software, hardware and any other suitable approach or apparatus.
  • Thus, methods and apparatus for controlling flow of products and services between a customer and a vendor have been provided. Persons skilled in the art will appreciate that the present invention may be practiced by other than the described embodiments, which are presented for purposes of illustration rather than of limitation. The present invention is limited only by the claims that follow.

Claims (21)

What is claimed is:
1. A method for preventing economic abuse, the method comprising:
taking in, at a vendor's information services system, a request from an economic predator for a product or service wherein the predator is impersonating or coercing a victim who is a legitimate customer or prospective customer, the request being optionally a request for credit, a credit card, a loan, a mortgage or a cash advance;
obtaining from the victim the victim's identity in the form of a social security number optionally at a card-reading machine, a brick-and-mortar facility or a vendor's online business platform;
tagging the victim optionally using one or more of: social media, an anonymous report by a third party; and
optionally checking a public, government or private database for evidence of domestic or economic predation or victimization.
2. The method of claim 1 further comprising, when the victim is a customer:
electronically granting a first permission, for interacting with the customer, to first vendor representatives;
electronically granting a second permission, excluding interacting with the customer, to second institutional representatives;
receiving from the predator the request for a product, the request naming a customer and identifying the customer with a social security number;
initializing an electronic evaluation-process corresponding to the request;
determining that the social security number is electronically flagged by the customer;
initializing an electronic trouble-mitigation process corresponding to the request; wherein:
records in the electronic evaluation process are viewable under:
the first permission; and
the second permission; and
records in the electronic trouble-mitigation process are:
not viewable under the first permission; and
viewable under the second permission.
3. The method of claim 2 wherein the determining includes identifying the social security number in a registry.
4. The method of claim 3 further comprising:
accessing the registry as an institutional user; and
not accessing the registry as an administrator of the registry.
5. The method of claim 2 further comprising:
assigning to the evaluation process an evaluation timeline;
adding a series of evaluation records to the evaluation process in conformance with the timeline; and,
during the adding, echoing an evaluation record from the evaluation process to the trouble-mitigation process.
6. The method of claim 2 further comprising transmitting to a customer mobile communication device an alert indicating initiation of the trouble-mitigation process.
7. The method of claim 2 further comprising: from the trouble-mitigation process, adding to the evaluation process a record requiring biometric authentication of the customer, a source of a record corresponding to the requirement being unidentifiable in the evaluation process by the first representatives.
8. The method of claim 2 further comprising: from the trouble-mitigation process, adding to the evaluation process a record requiring in-person attendance of the customer at a meeting with first representatives, a source of a record corresponding to the requirement being unidentifiable in the evaluation process by the first representatives.
9. The method of claim 2 further comprising: from the trouble-mitigation process, adding to the evaluation process a record requiring an electronic on-card communication from the customer, a source of a record corresponding to the requirement being unidentifiable in the evaluation process by the first representatives.
10. The method of claim 2 further comprising providing to the customer a link to the social security number registry.
11. The method of claim 2 wherein the determining comprises authenticating an institution to the registry.
12. The method of claim 2 further comprising echoing a record from the evaluation process to the trouble-mitigation process.
13. The method of claim 2 further comprising transmitting a suspicious activity report to an intervention party.
14. The method of claim 13 further comprising electronically granting the second permission to the intervention party.
15. The method of claim 13 further comprising receiving a stop-process instruction from the intervention party.
16. The method of claim 13 further comprising: from the trouble-mitigation process, adding to the evaluation process a record including a stop-process instruction, a source of the record corresponding to the requirement being unidentifiable in the evaluation process by the first representatives.
17. The method of claim 2 further comprising denying the request.
18. The method of claim 2 further comprising:
electronically searching public documents naming the customer;
culling the documents based on indicia of economic exploitation;
entering into the trouble-mitigation process a record corresponding to a culled document.
19. The method of claim 2 further comprising, when the request is a current request that is received by a product vendor:
identifying in an archive owned by the vendor a record of a prior request naming the customer; and
entering into the trouble-mitigation process a record indicating historical activity.
20. The method of claim 19 further comprising, in response to the historical activity, transmitting an electronic alert to an administrator authorized to obtain both the first and the second permission.
21. The method of claim 2 further comprising, when the request is a current request that is received by a product vendor:
identifying in an archive owned by the vendor a record of a prior request naming an individual that is not the customer; and
entering into the trouble-mitigation process a record indicating historical activity.
US16/598,331 2019-10-10 2019-10-10 Silent alarms for economic duress Active 2039-12-06 US10991231B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US16/598,331 US10991231B1 (en) 2019-10-10 2019-10-10 Silent alarms for economic duress

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US16/598,331 US10991231B1 (en) 2019-10-10 2019-10-10 Silent alarms for economic duress

Publications (2)

Publication Number Publication Date
US20210110702A1 true US20210110702A1 (en) 2021-04-15
US10991231B1 US10991231B1 (en) 2021-04-27

Family

ID=75383802

Family Applications (1)

Application Number Title Priority Date Filing Date
US16/598,331 Active 2039-12-06 US10991231B1 (en) 2019-10-10 2019-10-10 Silent alarms for economic duress

Country Status (1)

Country Link
US (1) US10991231B1 (en)

Family Cites Families (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6088686A (en) 1995-12-12 2000-07-11 Citibank, N.A. System and method to performing on-line credit reviews and approvals
WO1999060483A1 (en) 1998-05-21 1999-11-25 Equifax Inc. System and method for authentication of network users
US7657540B1 (en) 2003-02-04 2010-02-02 Seisint, Inc. Method and system for linking and delinking data records
US7970698B2 (en) 2003-08-27 2011-06-28 Equifax, Inc. Application processing and decision systems and processes
US9256904B1 (en) 2008-08-14 2016-02-09 Experian Information Solutions, Inc. Multi-bureau credit file freeze and unfreeze
US9886693B2 (en) * 2009-03-30 2018-02-06 Yuh-Shen Song Privacy protected anti identity theft and payment network
US20110238566A1 (en) * 2010-02-16 2011-09-29 Digital Risk, Llc System and methods for determining and reporting risk associated with financial instruments
US20160086263A1 (en) 2011-06-21 2016-03-24 Early Warning Services, Llc System and method for locating and accessing account data to verify income
US10043213B2 (en) 2012-07-03 2018-08-07 Lexisnexis Risk Solutions Fl Inc. Systems and methods for improving computation efficiency in the detection of fraud indicators for loans with multiple applicants
US20150039490A1 (en) 2013-07-30 2015-02-05 Capital One Financial Corporation Systems and methods for providing user-controlled automobile financing
US10896421B2 (en) * 2014-04-02 2021-01-19 Brighterion, Inc. Smart retail analytics and commercial messaging
US10242019B1 (en) 2014-12-19 2019-03-26 Experian Information Solutions, Inc. User behavior segmentation using latent topic detection
US20180033009A1 (en) 2016-07-27 2018-02-01 Intuit Inc. Method and system for facilitating the identification and prevention of potentially fraudulent activity in a financial system
US10748154B2 (en) * 2016-12-23 2020-08-18 Early Warning Services, Llc System and method using multiple profiles and scores for assessing financial transaction risk
US20180300808A1 (en) 2017-04-13 2018-10-18 David Johnson System and method to allow mortgage consumers to obtain, store, access, and/or distribute their own data to multiple parties in a mortgage and/or real estate transaction
US10878428B1 (en) * 2017-05-09 2020-12-29 United Services Automobile Association (Usaa) Systems and methods for generation of alerts based on fraudulent network activity
US10397209B2 (en) * 2017-07-06 2019-08-27 International Business Machines Corporation Risk-aware multiple factor authentication based on pattern recognition and calendar
EP3673402A4 (en) * 2017-08-22 2021-04-28 Breach Clarity, Inc. Data breach score and method
US11223612B2 (en) 2017-10-23 2022-01-11 Network Platform Technologies Limited End to end secure identification and verification of users for organizations on multitenant platform
US20190139134A1 (en) * 2017-11-08 2019-05-09 Informed, Inc. System and method for the generation and use of local formulas for informed decision-making
US10692141B2 (en) * 2018-01-30 2020-06-23 PointPredictive Inc. Multi-layer machine learning classifier with correlative score
US10592938B2 (en) * 2018-01-31 2020-03-17 Aon Risk Consultants, Inc. System and methods for vulnerability assessment and provisioning of related services and products for efficient risk suppression
US10846431B2 (en) * 2018-04-16 2020-11-24 First Data Corporation System and method for storing data used by breach detection systems
WO2020006501A1 (en) * 2018-06-28 2020-01-02 Clemens Jo Lynn J System and method to monitor, alert and predict precursory behavior

Also Published As

Publication number Publication date
US10991231B1 (en) 2021-04-27

Similar Documents

Publication Publication Date Title
US11288676B2 (en) Private confirmation system
US8433921B2 (en) Object authentication system
US11310281B2 (en) Systems and methods for monitoring computer authentication procedures
US9406067B1 (en) System and method for verifying identity
US20080184351A1 (en) System and method for authenticating a person's identity using a trusted entity
US20100107233A1 (en) Method, system, and apparatus for identification number authentication
US20150235226A1 (en) Method of Witnessed Fingerprint Payment
WO2000048135A1 (en) Positive identity verification system and method including biometric user authentication
MXPA05011481A (en) Systems and methods for verifying identities in transactions.
US20150356552A1 (en) System, method and program for securely managing financial transactions
US20110145147A1 (en) System and method for authorizing transactions
US10546475B2 (en) Transaction terminal silent alert systems
US20160035021A1 (en) Method and system for verifying an account
US10930139B1 (en) Information card silent coercion alarm
Priya et al. A novel algorithm for secure Internet Banking with finger print recognition
Pandey et al. Case study on online fraud detection using machine learning
Archer et al. Identity theft and fraud: Evaluating and managing risk
US10991231B1 (en) Silent alarms for economic duress
US11568507B2 (en) Native-feature silent coercion alarm
US20210110679A1 (en) Card reader with silent coercion alarm
US20150074008A1 (en) Secure identification system and method
CN111882425B (en) Service data processing method, device and server
US20160048839A1 (en) System and method for exclusion-based imposter screening
JPH11212923A (en) Authentication method and system for financial transaction
Poe An Evaluation of a Biometric Enabled Credit Card for Providing High Authenticity Identity Proofing during the Transaction Authentication Process

Legal Events

Date Code Title Description
AS Assignment

Owner name: BANK OF AMERICA CORPORATION, NORTH CAROLINA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BARRAZA ENCISO, MARIA CAROLINA;DINTENFASS, KATHERINE;KVOCHKO, ELENA;AND OTHERS;SIGNING DATES FROM 20190923 TO 20191010;REEL/FRAME:050702/0981

FEPP Fee payment procedure

Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STCF Information on status: patent grant

Free format text: PATENTED CASE