WO1998056139A1 - A process for transmitting confidential communications by telephone and electronic devices for carrying out said transmission - Google Patents

A process for transmitting confidential communications by telephone and electronic devices for carrying out said transmission Download PDF

Info

Publication number
WO1998056139A1
WO1998056139A1 PCT/IT1998/000146 IT9800146W WO9856139A1 WO 1998056139 A1 WO1998056139 A1 WO 1998056139A1 IT 9800146 W IT9800146 W IT 9800146W WO 9856139 A1 WO9856139 A1 WO 9856139A1
Authority
WO
WIPO (PCT)
Prior art keywords
transmitting device
memory
data
process according
telephone
Prior art date
Application number
PCT/IT1998/000146
Other languages
English (en)
French (fr)
Inventor
Alessandro Miano
Cesare Schira
Original Assignee
Oscar S.R.L.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Oscar S.R.L. filed Critical Oscar S.R.L.
Priority to AU77879/98A priority Critical patent/AU7787998A/en
Publication of WO1998056139A1 publication Critical patent/WO1998056139A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/12Card verification
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/12Card verification
    • G07F7/122Online card verification
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/12Transmitting and receiving encryption devices synchronised or initially set up in a particular manner
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution

Definitions

  • the present invention relates to a process for transmitting by telephone confidential communications, e.g. bank transactionss or orders of disabling debit and/or credit cards, as well as a transmitting device and a receiving device which cany out this process.
  • the present invention relates to a transmitting device of small size and easy to operate which provides the transmission of said communications with a high degree of security.
  • the operator performing said service upon checking the correctness of the supplied data, provides the disabling of the lost or stolen cards by introducing said data in a peripheral computer connected through a network to the central computer of the card issuing company, which contains the database of the authorizations associated with all the cards issued by the company.
  • the object of the present invention is to provide a process for transmitting by telephone in a simple, quick and secure way the confidential communications, such as bank transactions or the disabling orders of debit and/or credit cards.
  • Another object of the present invention is to provide a transmitting device and a receiving device which allow to carry out the process according to the present invention.
  • the process according to the present invention while maintaining a high degree of transmission security, does not require a particular commitment by the user, who can carry out said transmission quickly and without any difficulty.
  • the transmitting device according to the present invention can be advantageously mass- produced on a large scale with a subsequent decrease of the manufacturing costs. In this way, the production of a high number of transmitting devices is however cheaper than maintaining the present disabling service. Furthermore, the transmitting device according to the present invention can easily be reduced to pocket size, whereby it can be easily carried by the user, preferably in a place separate from the credit and/or debit cards.
  • the receiving device includes a computer connected through a network to the central computer containing the database with the files of each user, whereby all the communications transmitted by the user through the transmitting device according to the present invention, e.g. the disabling orders, are forwarded to said database in real time.
  • the transmitting device since its internal memory is preferably programmable and removable, the transmitting device according to the present invention can be used to transmit a wide range of confidential cornmmiications to several receiving devices, belonging not only to banks, but to commercial companies, information services, etc. as well.
  • the internal memoi is preferably mounted in a known way on a thin, rectangular plastic substrate, provided on its surface with a plurality of electrical contacts, of the type used in the production of smart cards.
  • Fig. 1 shows an axonometric view of an embodiment of the transmitting device according to the present invention
  • Fig. 2 shows a block diagram of the internal structure of the device of fig. 1 :
  • FIG. 3 shows an axonometric view of a second embodiment of the transmitting device according to the present invention
  • - Fig. 4 shows a block diagram of the internal structure of the device of fig. 3: - Fig. 5 shows a simplified diagram of the connection between a transmitting device and a receiving device according to the present invention.
  • Fig. 6 shows a flow chart of the process according to the present invention.
  • the transmitting device includes an outer case 1, preferably shaped as a parallelepiped and made of plastic, having a slot 2 in one of its smaller faces. This slot is used to introduce into the device a permanent memory (not shown in the figure) whose function will be described further on.
  • the upper face of case 1 is provided with a liquid crystal display 3 and a keyboard including three keys 4. 4 ⁇ 4" used to control the operation of the transmitting device.
  • the latter is also provided with a speaker 5 preferably arranged on the face opposite to the face with the keys 4. 4' and 4", so that it is possible to strike said keys even when the speaker 5 is hi contact with the microphone of a telephone.
  • keys 4 and 4 " are used to select an option of the transmitting device, such as the selection of the card or cards to be disabled, while key 4" is used to control the carrying out of said option.
  • the keyboard may include a higher or lower number of keys. In particular, it may resemble or be identical to the keyboard of a conventional telephone.
  • the transmitting device includes therein a central electronic processor MC controlling the working of the whole device.
  • This processor receives an input of electric signals emitted by a keyboard interface KI upon striking of the keys 4, 4 ⁇ 4".
  • the options selected through these keys, as well as other service information, are displayed by display 3 through the electric control signals emitted by a video interface DI connected to processor MC.
  • the latter is also connected to an electronic periodical counter CL, in particular a quartz clock which provides a numerical signal indicating the current time and date, which can obviously be set directly by the user through keys 4, 4 1 and 4".
  • Processor MC is connected to a permanent memory EM, preferably a ROM memory, containing the operating program of the processor.
  • Memory EM also contains a univocal serial code associated with each transmitting device unit. In this way it is possible to recognize, and possibly prevent, the receiving of communications from devices which were lost, stolen or however not authorized.
  • Processor MC is connected through a plurality of electric contacts CI to a further permanent memory CM, preferably re-writable, which is mounted in a known way on a thin, rectangular plastic substrate provided on its surface with a plurality of electric contacts CF complementary to contacts CI.
  • This known type of permanent memory is presently used for producing smart cards which can be used as telephone cards, identity cards, credit cards, etc.
  • memory CM of the transmitting device according to the present invention is factory-programmed with a group of numerical data containing the following information: - univocal user identification code (e.g. his fiscal code);
  • a second embodiment of the transmitting device according to the present invention includes also a microphone 6 arranged at a distance from speaker 5 such that it is possible to acoustically couple said microphone and said speaker respectively to a speaker and a microphone of a telephone.
  • Microphone 6 is electrically connected to the audio interface Al. whereby the acoustic signals received by said microphone are converted through said interface into electric signals which can be recognized by processor MC.
  • processor MC By this arrangement, it is possible to control the operation of said processor through a series of acoustic control signals transmitted by telephone from the receiving device.
  • the present embodiment of the transmitting device includes also a serial interface 7 connected to processor MC.
  • processor MC By this arrangement, it is possible to introduce from outside, in particular through a peripheral computer, the data required for the operation of the device. These data can be stored in memory CM or in memory IM. In this latter instance, memory EVI must obviously be re-writable, so as to make optional the use of memory CM.
  • the receiving device according to the present invention includes at least a computer 8 of a known type controlled by a suitable program and provided with an internal periodical counter, in particular an electronic clock. Computer 8 is connected to a communication device 9 of known type, e.g. an external modem, which is in turn connected to the telephone network 10.
  • Computer 8 is also connected, through a local or wide area data network, to a central computer 11 containing the general database which may in turn be connected to other peripheral computers operating as receiving devices.
  • the central computer 1 1 contains the files of the data, operations and authorizations of all the credit and/or debit cards issued by one or more banks.
  • the transmitting device 13 in use. the transmitting device 13 according to the present invention must first of all be turned on, e.g. by pressing one or more keys 4, 4' and/or 4". After it is turned on, the device prompts the user for the introduction though said keys of the secret code stored in memory MC. Upon occurrence of three erroneous introductions of said code, the device would stop and could not be used anymore prior to re-programming of memory MC. By this arrangement, the use of the transmitting device by persons not authorized by the user is prevented. After introducing the secret code, the transmitting device shows on display 3 the current time and date supplied by clock CL. If the displayed time and date are not correct, the user can set them correctly by acting on keys 4, 4' and 4".
  • the user must select the communication or communications he wishes to send, e.g. the disabling request of a particular lost credit card.
  • the code corresponding to said request was already stored in memory CM, whereby the user only has to select this code with the aid of display 3 and keys 4, 4' and 4J
  • the user can also add some further information to the selected communication, for instance the data relating to the amount and the beneficiary of a bank transaction.
  • the user In order to send the selected communication, the user must place the transmitting device close to the microphone of telephone 12 and dial on the latter the telephone number of the receiving device 8. Alternatively, he can select the telephone number stored in memory CM.
  • processor MC sends the sequence of digits of the selected number to the audio interface Al. which emits through speaker 5 a sequence of telephone tones corresponding to the selected number. In this way. the transmitting device automatically dials the telephone number of the receiving device and connects thereto.
  • the receiving device prompts the user, through the speaker of telephone 12. for the confirmation of the sending of the communication through one of keys 4. 4' and 4 " .
  • processor MC of the transmitting device takes fiom memories EM and CM the code of said communication, the user identification code and the serial code of the transmitting device, and combines said codes with the current time and date obtained from clock CL.
  • the encoding algorithm used for said combination is also based on the current time and date and can be selected among the known algorithms by the writer of the program contained in memory EM or it can be created from scratch for the process according to the present invention.
  • a control code in order to identify possible transmission errors, e.g. caused by interference on the telephone line.
  • the resulting sequence of numbers is sent to the audio interface Al. which converts the digits of said numbers into a sequence of tones which is emitted by speaker 5.
  • This sequence of tones is received and decoded by the receiving device 8 through an inverse algorithm with respect to the encoding algorithm used by the transmitting device.
  • the receiving device 8 checks the control code. If said code is consistent with the received data, the receiving device 8 extracts fiom the remaining data the meaningful codes, i.e. the code of the transmitted communication, the user identification code and the serial code of the transmitting device, as well as the time and date of transmission.
  • the decoding algorithm inverse with respect to the above-mentioned encoding algorithm, is based on the time and date provided by the internal clock of the receiving device. The latter also checks whether the transmitted time and date correspond with the time and date provided by the internal clock. In case of lack of correspondence of said time reference, beyond a possible small tolerance, e.g. equal to one minute, the receivmg device indicates a transmission error and stops the communication.
  • the transmitting device ca ⁇ ies out said transmission for the second time.
  • the receivmg device checks in its database, through the user identification code and the serial code of the transmitting device, if the transmitted communication can be validated. If this check is positive, the receiving device 8 forwards in real time to the central computer 1 1 the contents of the communication, e.g. the confirmation of a bank transaction or the disabling order of a certain credit card. Finally, if said order has been earned out. the receiving device 8 sends to the user through telephone 12 a pre-recorded reply, e.g.
  • the receiving device 8 sends to the user a pre-recorded reply indicating the lack of execution of the order and possibly the reasons why said order was not carried out.
  • the user Upon receipt of the reply to the transmitted communication, the user can cany out another transmission or turn off the transmitting device and hang telephone 12.
  • the transmitting device is provided with a microphone 6, the transmission of the communication by said device is controlled by the receiving device through acoustic control signals emitted by modem 9 and received by said microphone.
  • the pre-recorded rephes can be replaced by suitable acoustic signals which are converted by processor MC into a text shown on display 3.
  • the audio interface Al, the video interface DL the keyboard interface KI, clock CL and/or the internal memory IM may be integrated with processor MC into a single microprocessor.
  • memoiy CM and/or memoiy EM can be made with electronic memory means different from those described above, e.g. fixed memories of the EPROM, EEPROM, NO VRAM, Flash EPROM and buffered RAM types, as well as removable memories of the PCMCIA type.
  • the acoustic signal transmitted over the telephone line can be any acoustic signal suitable for the data encoding, e.g. a signal modulated on the basis of modem and/or fax protocols.

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Calculators And Similar Devices (AREA)
  • Facsimile Transmission Control (AREA)
  • Facsimiles In General (AREA)
PCT/IT1998/000146 1997-06-04 1998-06-01 A process for transmitting confidential communications by telephone and electronic devices for carrying out said transmission WO1998056139A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU77879/98A AU7787998A (en) 1997-06-04 1998-06-01 A process for transmitting confidential communications by telephone and electronic devices for carrying out said transmission

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IT97MI001315A IT1292078B1 (it) 1997-06-04 1997-06-04 Procedimento per trasmettere comunicazioni riservate via telefono e dispositivi elettronici per realizzare tale trasmissione
ITMI97A001315 1997-06-04

Publications (1)

Publication Number Publication Date
WO1998056139A1 true WO1998056139A1 (en) 1998-12-10

Family

ID=11377290

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IT1998/000146 WO1998056139A1 (en) 1997-06-04 1998-06-01 A process for transmitting confidential communications by telephone and electronic devices for carrying out said transmission

Country Status (3)

Country Link
AU (1) AU7787998A (enrdf_load_stackoverflow)
IT (1) IT1292078B1 (enrdf_load_stackoverflow)
WO (1) WO1998056139A1 (enrdf_load_stackoverflow)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0374012A1 (fr) * 1988-12-07 1990-06-20 ETAT FRANCAIS représenté par le Ministre des Postes, Télécommunications et de l'Espace Dispositif d'authentification pour serveur interactif
US5524072A (en) * 1991-12-04 1996-06-04 Enco-Tone Ltd. Methods and apparatus for data encryption and transmission
US5539819A (en) * 1993-07-19 1996-07-23 Bell Systems 24 Inc. Credit card which generates a DTMF tone

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0374012A1 (fr) * 1988-12-07 1990-06-20 ETAT FRANCAIS représenté par le Ministre des Postes, Télécommunications et de l'Espace Dispositif d'authentification pour serveur interactif
US5524072A (en) * 1991-12-04 1996-06-04 Enco-Tone Ltd. Methods and apparatus for data encryption and transmission
US5539819A (en) * 1993-07-19 1996-07-23 Bell Systems 24 Inc. Credit card which generates a DTMF tone

Also Published As

Publication number Publication date
ITMI971315A1 (it) 1998-12-04
IT1292078B1 (it) 1999-01-25
AU7787998A (en) 1998-12-21
ITMI971315A0 (enrdf_load_stackoverflow) 1997-06-04

Similar Documents

Publication Publication Date Title
US4601011A (en) User authorization verification apparatus for computer systems including a central device and a plurality of pocket sized remote units
US4849613A (en) Method and device for making an electronic authentication
US5351296A (en) Financial transmission system
US5740232A (en) Smart card based system for telephone-securized transactions
EP0741884B8 (en) Funds transaction device
US5524072A (en) Methods and apparatus for data encryption and transmission
US8755501B2 (en) Acoustic encoding of dynamic identification codes
EP0172670A2 (en) An apparatus for effecting and recording monetary transactions
US20040149827A1 (en) Smartcard authentication and authorization unit attachable to a PDA, computer, cell phone, or the like
US7013393B1 (en) Universal intelligent card for secure access to system functions
US8412634B2 (en) Authenticating method
EP0972275A2 (en) Use of banking services in a digital cellular radio system
EP0976015A1 (en) Method for obtaining at least one item of user authentication data
EP1356360A2 (en) Method and apparatus for secure identity authentication with audible tones
EP1228653A1 (en) System for electronic delivery of a personal identification code
EP0615673B1 (en) Method and apparatus for data encryption and transmission
WO2001011575A1 (en) Portable certification device with acoustic coupling
US5216716A (en) Transmitting device of signal sequences
WO1998056139A1 (en) A process for transmitting confidential communications by telephone and electronic devices for carrying out said transmission
EP0635774B1 (en) Hand-held terminal for performing purchasing, debit, credit and drawing operations
JP3082883B2 (ja) Icプリペイドカードシステム
JP2967456B2 (ja) 認証システム
KR0170165B1 (ko) 스마트 카드를 이용한 홈 뱅킹 단말장치 및 그의 운용방법
KR0170164B1 (ko) 스마트 카드를 이용한 펌 뱅킹 단말장치 및 그의 운용방법
KR19980087774A (ko) 금융거래용 비접속식 보안카드 및 보안전화기와 이를 이용한 폰뱅킹 제어방법

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM GW HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: JP

Ref document number: 1999502011

Format of ref document f/p: F

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: CA