WO2001057814A1 - Password storage apparatus and method - Google Patents

Password storage apparatus and method Download PDF

Info

Publication number
WO2001057814A1
WO2001057814A1 PCT/US2001/003836 US0103836W WO0157814A1 WO 2001057814 A1 WO2001057814 A1 WO 2001057814A1 US 0103836 W US0103836 W US 0103836W WO 0157814 A1 WO0157814 A1 WO 0157814A1
Authority
WO
WIPO (PCT)
Prior art keywords
escort
user
code
access code
memory
Prior art date
Application number
PCT/US2001/003836
Other languages
French (fr)
Inventor
Allen Keetch
Kenneth Hine
Original Assignee
Aztak Technology Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Aztak Technology Corporation filed Critical Aztak Technology Corporation
Priority to AU2001234868A priority Critical patent/AU2001234868A1/en
Publication of WO2001057814A1 publication Critical patent/WO2001057814A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/346Cards serving only as information carrier of service
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code

Definitions

  • the invention relates to security arrangements in which access to a trdnsactional capability or to some physically secured location or object is granted responsive to an authorized user providing a password, personal identification number or other unique message to identify himself. More specifically, the invention relates to secure means of storing passwords for use with multiple systems.
  • Shomron teaches printing a plurality of PINs on the surface of a credit card and using visual cues (such as choice of font, geometric patterns adjacent the PINs, etc.) to point out the correct PIN to the authorized user.
  • Suzuki teaches an electronic apparatus comprising a memory in which the user can store easily remembered personal data (e.g., mother's maiden name) and use those data to validate his or her identity when he or she forgets the PIN.
  • personal data e.g., mother's maiden name
  • Another area of interest to the present invention is that of telephone instruments having a "speed dial” or "memory dial” capability.
  • a user can enter a frequently called telephone number into a memory and can write some sort of name or other designation associated with that number in an enumerated list of blank fields provided on the housing of the instrument.
  • the user may consult the enumerated list to see what number is associated with the person to be called, and then press a key that initiates the memory dial feature, foEowed by the number key on the keypad bearing the number associated with the person.
  • the number to be speed dialed is displayed on a small LCD display adjacent a keypad on a battery powered telephone instrument prior to the instrument being used to initiate the call to the selected number.
  • One of the goals of the invention is to provide means by which a person need only remember a single identifying code and can use that identifying code to retrieve whatever such code or password is required for access to a selected secure facility or transaction.
  • One of the benefits of the invention is that it provides escort memory apparatus that can be used by a person who requires access to a number of secure sites, equipments or transaction accounts, who has a different identifying code for each such use, and who must enter the appropriate identifying code to gain each desired access.
  • the invention provides the user with a small card-like escort memory device having a display; a manual data input means; a housing having a writing portion; and an electronic memory having an escort memory access code stored therein.
  • the user may initially use the input means to enter both the escort memory access code and an identifying code associated with the each site or equipment Subsequently, when the user desires access to the selected site or equipment he or she can enter the escort access code and then read, from the display, the identifying code needed to access the selected site or equipment.
  • the user can write a mnemonic descriptor (e.g., the name of a bank) on a designated blank writing portion of the housing for each stored identifying code so that the descriptor is immediately adjacent an indicium representative of a unique data record label.
  • twenty four blank spaces are provided where each blank is uniquely associated with an integer lying in the range from one to twenty four.
  • a preferred embodiment of the invention provides a software security arrangement in which all of the identifying codes stored in a memory of the escort memory device are erased after some predetermined number of sequential inputs of trial escort memory access codes fail to match the stored escort memory access code.
  • the escort memory enters a software self-destruct mode after three erroneous codes are entered in sequence.
  • a preferred embodiment of the invention provides physical means of preventing an unauthorized person from tampering with or illicitly acquiring the identifying codes stored in the escort memory.
  • These means may include providing a sealed housing that can not be opened without a high likelihood that doing so would break a circuit trace or otherwise destroy the apparatus.
  • Figure 1 is a front elevational view of an escort memory apparatus of the invention
  • Figure 2 is a rear elevational view thereof.
  • Figure 3 is a schematic block diagram of the escort memory device.
  • Figure 4 depicts a flow chart that could be carried out by an escort memory of the invention and depicts flows of identity information between the escort memory and secure systems, the flows all passing through a user.
  • An escort memory apparatus 30 of the invention is preferably configured as a nearly wallet- sized card that can be carried about as easily as one could carry a credit card. Although small calculators having the same length and width as a credit card (Le., about eighty five millimeters by fifty four millimeters) have been on the market for some time, they are considerably thicker than a credit or debit card, which is commonly about one half millimeter thick. A preferred embodiment of the escort memory apparatus 30 is between two and three millimeters thick.
  • the overall dimensions for the apparatus 30 are thus selected to be about eighty three by fifty seven millimeters by three millimeters, where the length and width are chosen to differ from normal credit card dimensions by two to three millimeters in order to make the apparatus of the invention somewhat easier for a user 50 to find in his or her wallet. Additionally, the slight decrease in the width of the apparatus 30, offsets the greater thickness so that the apparatus 30 can fit into a wallet slot intended for a credit or debit card.
  • the escort memory apparatus 30 preferably comprises, as its only output, a low power display, which may be liquid crystal display 32; or may be any other such display operating with the same or lower power requirements.
  • the memory apparatus 30 has, as its only user input, a manual input device such as the preferred membrane keypad 34 depicted in the drawing. Operation of the apparatus 30 is controlled by a control means that is preferably a microcontroller or microprocessor 36 operating under control of a program stored in a read-only memory 38.
  • a control means that is preferably a microcontroller or microprocessor 36 operating under control of a program stored in a read-only memory 38.
  • a read-write memory such as an EEROM 40
  • EEROM 40 was also associated with this microprocessor 36 and was used for storing identity codes, as will be described in greater detail hereinafter.
  • an Oki Model MSM63184A microcontroller was selected. This latter device had sufficient on-board memory that the developers were able to dispense with the EEROM as a separate component.
  • eliminating the EEROM led to a device capable of storing only five codes strings if each code string was ten characters in length.
  • a preferred escort memory apparatus 30 is powered by a non-rechargeable, non- replaceable primary battery 42 that is permanently sealed into the casing or housing 44 of the apparatus so as to prohibit replacement of the battery 42. This approach to making the apparatus 30 minimizes its initial cost.
  • the tamper-resistant housing 44 also provides a measure of security, in that no one can open the housing in order to attempt to read out data stored in the EEROM 40.
  • the data stored in the EEROM 40 and in memory on the microprocessor 36 chip are encrypted.
  • a writing area 46 disposed on the back of the housing 44 and providing an enumerated, or otherwise conveniently labeled, set of defined spaces 47 wherein a user 50 can write names that he or she can use to designate a bank account, computer, etc., for which he or she wants to remember a password or other identifying code.
  • the writing area 46 may be formed as a roughened portion of a plastic housing, may be an adhesive-backed paper form adhered to the housing, or may be formed by any other known approach allowing someone to write short text strings thereon by the use of conventional writing implements.
  • Fig. 4 one finds a depiction of the use of an escort memory 30 by a user 50 to store and to retrieve a plurality of user-identifying codes.
  • Each of these codes is respectively associated with a separate secure system 52.
  • the exchange of data between the user 50 and the various apparatuses 30, 52 is indicated in Fig. 4 with the bold arrows 53.
  • each of the systems 52 issues a password, PIN, or other identity code (depicted as PIN 1 to PIN N in Fig. 4) to the user 50 and then requires the user to input that code in order to access the system 52.
  • the user 50 can store the identity codes PIN 1 . . .
  • Step 54 The program running in the escort memory apparatus 30 compares the trial code with an escort access code 56 stored in the EEROM 40, as indicated in Step 56. If the user enters the correct escort access code, he or she can then choose (Step 58) to either store a new identity code (Step 60) or to read a previously stored code (Step 62) from the memory 40.
  • Step 64 the program enters a software self-destruct or failure mode (Step 64).
  • the maximum number of attempts to match the stored escort access code is set at three, and the failure mode completely and permanently disables the apparatus 30 by erasing or over-writing all of the stored identity codes and the stored escort access code.
  • the escort apparatus 30 is supplied to an end user with a factory set escort access code (e.g., "877").
  • the user 50 is directed to begin his or her use of the apparatus by over-writing the factory generated and generally publicly known escort access code with an escort access code of his or her own choosing. This may be done by turning on the apparatus 30, which is programmed to initially read the stored escort access code, and, if that access code is the initial factory set code, to aEow the user complete access to data stored in the device.
  • the device could be programmed to display the same start-up message used in normal operation - e.g., "enter code”, and the user could first enter the factory code (which can be printed on a temporarily adhered tag), and then begin an escort access code change routine (e.g., by simultaneously pressing two keys, or by entering a code entry sequence, such as the 'TGM” key followed by "00").
  • factory code which can be printed on a temporarily adhered tag
  • an escort access code change routine e.g., by simultaneously pressing two keys, or by entering a code entry sequence, such as the 'TGM” key followed by "00"
  • the user can enter one or more identity codes. For example, he or she could select a data field by keying in a unique record label and pressing the "PGM" key, which would result in the display of the unique record label designation 45 on the display.
  • the unique record label designation 45 is a two digit prompt, where the two digits (commonly the integers lying in the range of one to twenty, where the integers between one and nine are displayed with a leading zero) represent a memory location available for storage of a uniquely labeled data record. He or she could then use the keypad 34 to enter the desired identity code or PIN, which would be displayed as it was entered.
  • the user After checking the display to ensure that the correct code was entered, the user would press the ENT key to write the code into the memory location operatively associated with the two digit prompting message. Before or after this step the user would preferably write a user-generated mnemonic designation in a corresponding space 47 in a writing area 46 on the back of the housing 44. It will be recognized that many variations on this data entry process are possible, and that the one cited above is merely one of several convenient choices. It may also be noted that the apparatus 30 can be configured to allow the entry of only one PIN for each entry of the access code, or may allow entry of any number of PINs once it has accepted a valid access code.
  • the user For the more common operation of consulting the escort apparatus 30 in order to retrieve an identity code for use with a secure system (e.g., an automatic teller machine from which the user wants to withdraw cash from a bank at which he or she has an account), the user would switch the escort apparatus into its active mode, enter his or her escort access code, and then select the identity code display function (e.g., by pressing the ENT key on the keypad).
  • a secure system e.g., an automatic teller machine from which the user wants to withdraw cash from a bank at which he or she has an account
  • the display then shows the PIN stored in the first memory location in the format "OLnnnnnnnn", where the dot or other separator separating the memory location designation "01" from the access code “nnnnnnnnn” may be printed on a overlay aligned with the LCD display 32 in order to avoid having to give up a portion of the LCD for the display of repetitive material
  • the user refers to the list of mnemonic designations (e.g., the name of the bank) and inputs the two digit number associated with that designation in the enumerated list of names appearing on the back of the apparatus, and again presses "ENT" to display the requested identity code.
  • the preferred apparatus is expected to have only a limited memory capacity - e.g., it may store only one escort access code and twenty separate identity codes, where each code is up to twelve alphanumeric characters in length..
  • a preferred process of doing this comprises the steps of: a) gaining access to the apparatus 30 by entering the appropriate escort access code, b) entering the data field number associated with the account and hitting die "PGM” key; c) entering the new identity code datum followed by the "ENT" key.
  • a similar approach may be used to change the escort access code. In this case, instead of entering a number associated with a data field, the user enters a selected number, such as "00", that is not within die range of numbers used to identify data fields (e.g., is not one of the integers between one and twenty).
  • a preferred operating program also uses an internal timer to automatically turn off the display and place the apparatus in a low power mode of the sort commonly called "sleep mode" after a short period (e.g., fifteen seconds) of inactivity.
  • the period of inactivity may be measured from the time that a manual input places the apparatus in its active mode, or, more commonly, may be measured from the time that the most recent user input is supplied at the keyboard.
  • sleep mode operation is important to prolonging the life of the apparatus.
  • a timed operating cycle allows for simpler operation in that the user does not have to learn any additional steps to turn the apparatus off. All he or she needs do is place the apparatus in a pocket or purse and it will automatically enter sleep mode and refuse to display stored identity codes until the stored escort access code has again been entered.
  • a preferred embodiment of the apparatus employs a small "telephone-type" keypad in the interest of reducing both size and cost and preferably uses one of the keys in the keypad (e.g., the "5" key in the middle of the pad is pressed twice within three seconds) to cause the microprocessor to enter its active mode in which inputs are accepted and outputs displayed. This sort of arrangement avoids adding a dedicated ON/OFF switch to the unit.
  • a telephone-type a keypad can be used for alphanumeric and special character data entry by using repetitive keystrokes to enter a selected one of the letters displayed above a numbered key. For example, a letter “e”, which is the second letter in the "DEF” triad associated with the "3" key can be entered by hitting "3" key three times in succession.
  • the apparatus of the invention may also find use as an advertising specialty item bought in large numbers by a single company and then given away to that company's customers or prospective customers.
  • a corporate logo, trademark emblem or other identifying indicium 66 is imprinted on the housing 44 of each storage apparatus 30 of a custom ordered lot thereof.
  • a brief advertising message comprising a string of alphabetic or alphanumeric characters may be stored in a predetermined portion of the memory 40 and displayed to the user of the apparatus 30 each time it is turned on.
  • the apparatus described above that could contain up to twenty PINs can be reprogrammed to serve as an advertising specialty product by dedicating the memory space otherwise used by four of the twenty identity codes to an advertising message or other message unrelated to identity codes.
  • This message which could be over thirty characters in length, is then scrolled across the twelve character display 32 whenever the apparatus 30 is turned on and before the user enters his or her access code. It will be appreciated by those skilled in the computer arts that the same hardware can be used for either application.
  • Customizing a batch of escort memory devices 30 can be done before packaging the apparatus by selecting the program to be stored in the microprocessor's ROM 38, storing an advertising message unrelated to any identity code that is to be used in the data memory 40 and by arranging for printing, engraving, or otherwise displaying custom indicia on the outside of the housing 44.
  • the apparatus 30 can be customized after sealing by using a connector comprising a thin contact insertable into a connector in the housing to make electrical contact to appropriate circuit points.
  • a connector comprising a thin contact insertable into a connector in the housing to make electrical contact to appropriate circuit points.
  • This arrangement permits a retailer to use the special writing apparatus to economically add advertising, promotional, or other messages to ones of a relatively small lot of apparatuses 30.
  • the writing apparatus is configured to have an interface to a desktop computer capable of running the writing software and of displaying the message to be written before it is entered into the apparatus 30.
  • the invention provides apparatus and method for conducting secure financial transactions and for acquiring access to secured facilities and equipment.

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Business, Economics & Management (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Control Of Vending Devices And Auxiliary Devices For Vending Devices (AREA)

Abstract

An escort memory device (30) allows a person to remember only a single code and use that code to retrieve whatever identifying password may be required for access to a secure facility. An escort memory device (30) nearly the size and shape of a credit card has a display (32); a keypad (34); and a housing (44) having a writing portion (46). A user (50) of the device (30) may initially use the keypad (34) to enter both an escort memory access code and a separate identifying code associated with each secure site or equipment. Subsequently, when the user desires access to a selected site (52) or equipment he can enter the escort access code and then read, from the display (32), the identifying code that is needed. In addition, the user can write a mnemonic descriptor on a designated blank writing portion (46) of the housing (44) for each stored identifying code.

Description

TITLE OF THE INVENTION: Password Storage Apparatus and Method
TECHNICAL FIELD
The invention relates to security arrangements in which access to a trdnsactional capability or to some physically secured location or object is granted responsive to an authorized user providing a password, personal identification number or other unique message to identify himself. More specifically, the invention relates to secure means of storing passwords for use with multiple systems.
BACKGROUND ART
There are many arrangements in which a person must provide a password, personal identification number (PIN), or some other user-identifying code to a secure apparatus in order to ςarry out a transaction or to be permitted physical access to a protected area or object. These arrangements include many credit and debit transactions (e.g., those carried out at automated teller machines), entry to an area locked by a combination lock or electronic access control means; and password access to the use of a computer. In many such arrangements the secure system issues a Personal Identification Number (PIN) or other password to users. It is therefore common for many people in our society to have to remember and use multiple passwords, PINs and the like in order to get through an average day. A common problem in modem life is that of forgetting a password needed to carry out some essential or important activity.
The level of security offered by the use of a password is often compromised by users who simply can not remember all their passwords and who write them down somewhere handy.
Whenever one of these people has a purse or wallet stolen, there is a high likelihood that the thief will discover the nominally hidden password and will try using that password with various credit cards, ATM cards, etc. in an attempt to steal more from the victim.
Several inventors have addressed the problems of password proliferation by attempting to provide a secure means of password storage that a user can carry along with whatever physical record (e.g., a teller machine card) is needed for access. The patent art in this field includes: * US 5,742,035, to Kohut, who teaches printing a matrix of numbers on the surface of a wallet card (e.g., a credit card, ATM card or the like). The PIN associated with the card is made up of a sequential pattern of some of the numbers, where the sequential pattern is chosen by (and subsequently remembered by) the authorized user of the card.
* US 5,259,649, wherein Shomron teaches printing a plurality of PINs on the surface of a credit card and using visual cues (such as choice of font, geometric patterns adjacent the PINs, etc.) to point out the correct PIN to the authorized user.
* US 5,246,375, wherein Goede teaches the use of a matrix oveday that reveals the PIN when placed over a credit card in a predetermined orientation.
* US 4,801,787, wherein Suzuki teaches an electronic apparatus comprising a memory in which the user can store easily remembered personal data (e.g., mother's maiden name) and use those data to validate his or her identity when he or she forgets the PIN.
Another area of interest to the present invention is that of telephone instruments having a "speed dial" or "memory dial" capability. In these devices a user can enter a frequently called telephone number into a memory and can write some sort of name or other designation associated with that number in an enumerated list of blank fields provided on the housing of the instrument. To call the stored number, the user may consult the enumerated list to see what number is associated with the person to be called, and then press a key that initiates the memory dial feature, foEowed by the number key on the keypad bearing the number associated with the person. It is recognized that in some such instruments (e.g., cellular phones) the number to be speed dialed is displayed on a small LCD display adjacent a keypad on a battery powered telephone instrument prior to the instrument being used to initiate the call to the selected number.
DISCLOSURE OF THE INVENTION
One of the goals of the invention is to provide means by which a person need only remember a single identifying code and can use that identifying code to retrieve whatever such code or password is required for access to a selected secure facility or transaction.
One of the benefits of the invention is that it provides escort memory apparatus that can be used by a person who requires access to a number of secure sites, equipments or transaction accounts, who has a different identifying code for each such use, and who must enter the appropriate identifying code to gain each desired access. The invention provides the user with a small card-like escort memory device having a display; a manual data input means; a housing having a writing portion; and an electronic memory having an escort memory access code stored therein. The user may initially use the input means to enter both the escort memory access code and an identifying code associated with the each site or equipment Subsequently, when the user desires access to the selected site or equipment he or she can enter the escort access code and then read, from the display, the identifying code needed to access the selected site or equipment. In a preferred embodiment the user can write a mnemonic descriptor (e.g., the name of a bank) on a designated blank writing portion of the housing for each stored identifying code so that the descriptor is immediately adjacent an indicium representative of a unique data record label. In one such embodiment, twenty four blank spaces are provided where each blank is uniquely associated with an integer lying in the range from one to twenty four.
A preferred embodiment of the invention provides a software security arrangement in which all of the identifying codes stored in a memory of the escort memory device are erased after some predetermined number of sequential inputs of trial escort memory access codes fail to match the stored escort memory access code. In a particular preferred embodiment, the escort memory enters a software self-destruct mode after three erroneous codes are entered in sequence.
Moreover, a preferred embodiment of the invention provides physical means of preventing an unauthorized person from tampering with or illicitly acquiring the identifying codes stored in the escort memory. These means may include providing a sealed housing that can not be opened without a high likelihood that doing so would break a circuit trace or otherwise destroy the apparatus.
Although it is believed that the foregoing recital of features and advantages may be of use to one who is skilled in the art and who wishes to learn how to practice the invention, it will be recognized that the foregoing recital is not intended to list all of the features and advantages. Moreover, it may be noted that various embodiments of the invention may provide various combinations of the hereinbefore recited features and advantages of the invention, and that less than all of the recited features and advantages may be provided by some embodiments.
BRIEF DESCRIPTION OF THE FIGURES IN THE DRAWINGS
Figure 1 is a front elevational view of an escort memory apparatus of the invention
Figure 2 is a rear elevational view thereof.
Figure 3 is a schematic block diagram of the escort memory device. Figure 4 depicts a flow chart that could be carried out by an escort memory of the invention and depicts flows of identity information between the escort memory and secure systems, the flows all passing through a user.
BEST MODE FOR CARRYING OUT THE INVENTION
An escort memory apparatus 30 of the invention is preferably configured as a nearly wallet- sized card that can be carried about as easily as one could carry a credit card. Although small calculators having the same length and width as a credit card (Le., about eighty five millimeters by fifty four millimeters) have been on the market for some time, they are considerably thicker than a credit or debit card, which is commonly about one half millimeter thick. A preferred embodiment of the escort memory apparatus 30 is between two and three millimeters thick. The overall dimensions for the apparatus 30 are thus selected to be about eighty three by fifty seven millimeters by three millimeters, where the length and width are chosen to differ from normal credit card dimensions by two to three millimeters in order to make the apparatus of the invention somewhat easier for a user 50 to find in his or her wallet. Additionally, the slight decrease in the width of the apparatus 30, offsets the greater thickness so that the apparatus 30 can fit into a wallet slot intended for a credit or debit card.
The escort memory apparatus 30 preferably comprises, as its only output, a low power display, which may be liquid crystal display 32; or may be any other such display operating with the same or lower power requirements. The memory apparatus 30 has, as its only user input, a manual input device such as the preferred membrane keypad 34 depicted in the drawing. Operation of the apparatus 30 is controlled by a control means that is preferably a microcontroller or microprocessor 36 operating under control of a program stored in a read-only memory 38. Although many different sorts of microcontrollers or microprocessors could be considered, an initially preferred apparatus of the invention 30 used a Model MSM64155 made by Old Semiconductor. In addition to the masked ROM 38, a read-write memory, such as an EEROM 40, was also associated with this microprocessor 36 and was used for storing identity codes, as will be described in greater detail hereinafter. In a subsequent embodiment of the invention an Oki Model MSM63184A microcontroller was selected. This latter device had sufficient on-board memory that the developers were able to dispense with the EEROM as a separate component. In the initially preferred embodiment using the Oki Model MSM64155, eliminating the EEROM led to a device capable of storing only five codes strings if each code string was ten characters in length. A preferred escort memory apparatus 30 is powered by a non-rechargeable, non- replaceable primary battery 42 that is permanently sealed into the casing or housing 44 of the apparatus so as to prohibit replacement of the battery 42. This approach to making the apparatus 30 minimizes its initial cost. The tamper-resistant housing 44 also provides a measure of security, in that no one can open the housing in order to attempt to read out data stored in the EEROM 40. As a further deterrent to theft by a skilled and well equipped thief, in a preferred embodiment the data stored in the EEROM 40 and in memory on the microprocessor 36 chip are encrypted.
Another feature of a preferred housing 44 is a writing area 46 disposed on the back of the housing 44 and providing an enumerated, or otherwise conveniently labeled, set of defined spaces 47 wherein a user 50 can write names that he or she can use to designate a bank account, computer, etc., for which he or she wants to remember a password or other identifying code. The writing area 46 may be formed as a roughened portion of a plastic housing, may be an adhesive-backed paper form adhered to the housing, or may be formed by any other known approach allowing someone to write short text strings thereon by the use of conventional writing implements.
Turning now to Fig. 4, one finds a depiction of the use of an escort memory 30 by a user 50 to store and to retrieve a plurality of user-identifying codes. Each of these codes is respectively associated with a separate secure system 52. The exchange of data between the user 50 and the various apparatuses 30, 52 is indicated in Fig. 4 with the bold arrows 53. As is well known in the art, each of the systems 52 issues a password, PIN, or other identity code (depicted as PIN 1 to PIN N in Fig. 4) to the user 50 and then requires the user to input that code in order to access the system 52. The user 50 can store the identity codes PIN 1 . . . PIN N in the escort memory apparatus 30 by entering a trial escort access code as shown in Step 54. The program running in the escort memory apparatus 30 compares the trial code with an escort access code 56 stored in the EEROM 40, as indicated in Step 56. If the user enters the correct escort access code, he or she can then choose (Step 58) to either store a new identity code (Step 60) or to read a previously stored code (Step 62) from the memory 40.
In order to prevent a thief from guessing the stored access code in a stolen escort memory device 30 a limit is placed on the number of allowable comparisons made in Step 56 between a trial escort access code and the stored escort access code. If a predetermined maximum allowable number of attempts to match the codes is reached, the program enters a software self-destruct or failure mode (Step 64). In a preferred embodiment, the maximum number of attempts to match the stored escort access code is set at three, and the failure mode completely and permanently disables the apparatus 30 by erasing or over-writing all of the stored identity codes and the stored escort access code.
In a specific preferred embodiment, the escort apparatus 30 is supplied to an end user with a factory set escort access code (e.g., "877"). The user 50 is directed to begin his or her use of the apparatus by over-writing the factory generated and generally publicly known escort access code with an escort access code of his or her own choosing. This may be done by turning on the apparatus 30, which is programmed to initially read the stored escort access code, and, if that access code is the initial factory set code, to aEow the user complete access to data stored in the device. Alternately, of course, the device could be programmed to display the same start-up message used in normal operation - e.g., "enter code", and the user could first enter the factory code (which can be printed on a temporarily adhered tag), and then begin an escort access code change routine (e.g., by simultaneously pressing two keys, or by entering a code entry sequence, such as the 'TGM" key followed by "00").
After gaining access to the escort apparatus 30 by entering his or her escort access code, the user can enter one or more identity codes. For example, he or she could select a data field by keying in a unique record label and pressing the "PGM" key, which would result in the display of the unique record label designation 45 on the display. In a preferred embodiment the unique record label designation 45 is a two digit prompt, where the two digits (commonly the integers lying in the range of one to twenty, where the integers between one and nine are displayed with a leading zero) represent a memory location available for storage of a uniquely labeled data record. He or she could then use the keypad 34 to enter the desired identity code or PIN, which would be displayed as it was entered. After checking the display to ensure that the correct code was entered, the user would press the ENT key to write the code into the memory location operatively associated with the two digit prompting message. Before or after this step the user would preferably write a user-generated mnemonic designation in a corresponding space 47 in a writing area 46 on the back of the housing 44. It will be recognized that many variations on this data entry process are possible, and that the one cited above is merely one of several convenient choices. It may also be noted that the apparatus 30 can be configured to allow the entry of only one PIN for each entry of the access code, or may allow entry of any number of PINs once it has accepted a valid access code. For the more common operation of consulting the escort apparatus 30 in order to retrieve an identity code for use with a secure system (e.g., an automatic teller machine from which the user wants to withdraw cash from a bank at which he or she has an account), the user would switch the escort apparatus into its active mode, enter his or her escort access code, and then select the identity code display function (e.g., by pressing the ENT key on the keypad). In a preferred embodiment the display then shows the PIN stored in the first memory location in the format "OLnnnnnnnnnn", where the dot or other separator separating the memory location designation "01" from the access code "nnnnnnnnnn" may be printed on a overlay aligned with the LCD display 32 in order to avoid having to give up a portion of the LCD for the display of repetitive material At this point in the preferred sequence, the user refers to the list of mnemonic designations (e.g., the name of the bank) and inputs the two digit number associated with that designation in the enumerated list of names appearing on the back of the apparatus, and again presses "ENT" to display the requested identity code. It will be noted that many other arrangements, e.g., displaying a prompting message at start-up rather than showing the contents of the first memory location, or allowing the user to scroll sequentially through all the stored identity codes, could also be used for identity code retrieval and display.
The preferred apparatus is expected to have only a limited memory capacity - e.g., it may store only one escort access code and twenty separate identity codes, where each code is up to twelve alphanumeric characters in length.. Hence, an appropriate arrangement will be made for deleting or for over-writing old identity codes with new ones whenever a user changes banks, or is issued a new password for a computer used at work, etc. A preferred process of doing this comprises the steps of: a) gaining access to the apparatus 30 by entering the appropriate escort access code, b) entering the data field number associated with the account and hitting die "PGM" key; c) entering the new identity code datum followed by the "ENT" key. A similar approach may be used to change the escort access code. In this case, instead of entering a number associated with a data field, the user enters a selected number, such as "00", that is not within die range of numbers used to identify data fields (e.g., is not one of the integers between one and twenty).
A preferred operating program also uses an internal timer to automatically turn off the display and place the apparatus in a low power mode of the sort commonly called "sleep mode" after a short period (e.g., fifteen seconds) of inactivity. As is known in the art, the period of inactivity may be measured from the time that a manual input places the apparatus in its active mode, or, more commonly, may be measured from the time that the most recent user input is supplied at the keyboard. The use of this dual mode operation is important to the present invention for several reasons. Because the device is expected to be a low cost device to be used only until the battery is depleted and then thrown away and replaced, sleep mode operation is important in prolonging the life of the apparatus. Additionally, the provision of a timed operating cycle allows for simpler operation in that the user does not have to learn any additional steps to turn the apparatus off. All he or she needs do is place the apparatus in a pocket or purse and it will automatically enter sleep mode and refuse to display stored identity codes until the stored escort access code has again been entered. Moreover, a preferred embodiment of the apparatus employs a small "telephone-type" keypad in the interest of reducing both size and cost and preferably uses one of the keys in the keypad (e.g., the "5" key in the middle of the pad is pressed twice within three seconds) to cause the microprocessor to enter its active mode in which inputs are accepted and outputs displayed. This sort of arrangement avoids adding a dedicated ON/OFF switch to the unit.
As is known in the art, a telephone-type a keypad can be used for alphanumeric and special character data entry by using repetitive keystrokes to enter a selected one of the letters displayed above a numbered key. For example, a letter "e", which is the second letter in the "DEF" triad associated with the "3" key can be entered by hitting "3" key three times in succession.
Like many other relatively low cost products, the apparatus of the invention may also find use as an advertising specialty item bought in large numbers by a single company and then given away to that company's customers or prospective customers. In a preferred advertising specialty embodiment of the invention, a corporate logo, trademark emblem or other identifying indicium 66 is imprinted on the housing 44 of each storage apparatus 30 of a custom ordered lot thereof. Moreover, a brief advertising message comprising a string of alphabetic or alphanumeric characters may be stored in a predetermined portion of the memory 40 and displayed to the user of the apparatus 30 each time it is turned on. For example, the apparatus described above that could contain up to twenty PINs can be reprogrammed to serve as an advertising specialty product by dedicating the memory space otherwise used by four of the twenty identity codes to an advertising message or other message unrelated to identity codes. This message, which could be over thirty characters in length, is then scrolled across the twelve character display 32 whenever the apparatus 30 is turned on and before the user enters his or her access code. It will be appreciated by those skilled in the computer arts that the same hardware can be used for either application. Customizing a batch of escort memory devices 30 can be done before packaging the apparatus by selecting the program to be stored in the microprocessor's ROM 38, storing an advertising message unrelated to any identity code that is to be used in the data memory 40 and by arranging for printing, engraving, or otherwise displaying custom indicia on the outside of the housing 44.
Alternately, the apparatus 30 can be customized after sealing by using a connector comprising a thin contact insertable into a connector in the housing to make electrical contact to appropriate circuit points. This arrangement permits a retailer to use the special writing apparatus to economically add advertising, promotional, or other messages to ones of a relatively small lot of apparatuses 30. In a preferred arrangement, the writing apparatus is configured to have an interface to a desktop computer capable of running the writing software and of displaying the message to be written before it is entered into the apparatus 30.
Although the present invention has been described with respect to several preferred embodiments, many modifications and alterations can be made without departing from the invention. Accordingly, it is intended that all such modifications and alterations be considered as within the spirit and scope of the invention as defined in the attached claims.
INDUSTRIAL APPLICABILITY: The invention provides apparatus and method for conducting secure financial transactions and for acquiring access to secured facilities and equipment.

Claims

1) Apparatus for storing an escort access code and up to a predetermined number of identifying codes, each of the identifying codes respectively associated with a user-generated designation, the apparatus characterized in that:
a computer memory (40) is controlled by a microprocessor (36) to store, at respective locations therein, the escort access code and each of the identifying codes;
a display (32) is controlled by the microprocessor (36) to display one of the identifying codes during a predetermined interval after the user supplies the escort access code to the microprocessor by means of a keypad (34); and
a writing area (46) is disposed on a portion of a housing (44) diat encloses the microprocessor (36), a battery (42) and the computer memory (40), the writing area adapted to have the user-generated designation written thereon.
2) The apparatus of Claim 1 wherein the microprocessor has both a sleep mode and an active mode.
3) The apparatus of Claim 1 wherein the memory is further adapted to store a message unrelated to any of the codes, and wherein the microprocessor is adapted to retrieve the unrelated message and control the display to display the unrelated message whenever the microprocessor switches from a sleep mode to an active mode.
4) The apparatus of Claim 1 wherein the housing is tamper-resistant and is adapted to prohibit replacement of the battery, and wherein the battery is a primary battery.
5) The apparatus of Claim 1 wherein the computer memory comprises an EEROM. 6) A method for storing and retrieving a user-identifying code that is to be supplied to a secure apparatus in order to obtain access thereto, the method comprising the steps of:
a) storing, in an escort memory apparatus that requires entry of a trial access code matching a stored escort access code before displaying the identifying code, the user-identifying code as a record uniquely associated with a respective record label;
b) supplying, by means of a manual input to a keypad, the trial access code to the escort memory apparatus;
c) reading a first message displayed by the escort memory apparatus and, if the first message indicates that the trial access code matches the escort access code, entering, by means of the keypad, the label uniquely associated with the user-identifying code; and
d) reading the user-identifying code displayed by the escort memory apparatus responsive to the input of the unique record labeL
7) The method of Claim 6 further comprising a step subsequent to step a) and prior to step b) of: writing a user-generated designation associated with the secure apparatus on an external portion of the escort memory apparatus, the external portion adjacent indicia representative of the unique record label.
8) The method of Claim 6 wherein the escort memory apparatus stores a second message, unrelated to any of the codes, and displays the second message prior to step b).
9) The method of Claim 6 wherein, if the trial access code supplied in step b) does not match the escort memory access code, the first message indicates to the user that a first repetition of step b) is required and, if the trial access code entered in the first repetition of step b) does not match the escort access code, a second message is displayed indicating that only one more repetition of step b) is allowed before the escort memory apparatus erases all stored codes.
PCT/US2001/003836 2000-02-07 2001-02-06 Password storage apparatus and method WO2001057814A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001234868A AU2001234868A1 (en) 2000-02-07 2001-02-06 Password storage apparatus and method

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US49950700A 2000-02-07 2000-02-07
US09/499,507 2000-02-07

Publications (1)

Publication Number Publication Date
WO2001057814A1 true WO2001057814A1 (en) 2001-08-09

Family

ID=23985524

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/003836 WO2001057814A1 (en) 2000-02-07 2001-02-06 Password storage apparatus and method

Country Status (3)

Country Link
AU (1) AU2001234868A1 (en)
GB (1) GB2358948A (en)
WO (1) WO2001057814A1 (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1111556A2 (en) * 1999-12-20 2001-06-27 Iwaki Electronics Co., Ltd. Encryption display card
GB2417581A (en) * 2004-08-31 2006-03-01 Simon Heath Electronic device for storing sensitive data
WO2006072855A2 (en) * 2005-01-04 2006-07-13 Koninklijke Philips Electronics N.V. Card with input elements for entering a pin code and method of entering a pin code
WO2006128214A1 (en) * 2005-06-01 2006-12-07 Michael Hennessy Device for keeping track of passwords
CN100426181C (en) * 2005-10-20 2008-10-15 万国电脑股份有限公司 Pocket memory device with object recognition information and set method of object recognition information
CN112115523A (en) * 2020-09-30 2020-12-22 海南大学 Data self-destruction encryption storage device

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE20121051U1 (en) 2001-12-29 2002-05-29 Bausch, Klaus-Dieter, 45475 Mülheim Mobile phone for creating a digital personal data safe
GB2387254B (en) * 2002-04-05 2005-11-23 Armoursoft Ltd User authentication for computer systems
SG134988A1 (en) * 2003-01-30 2007-09-28 Chow Chiew Ying Method for generating and inputting mnemonic devices and article for registering the input arrangement
US20060146070A1 (en) * 2003-01-30 2006-07-06 Chow Chiew Y Method for generating and inputting mnemonic devices and article for registering the input arrangement
JP2015194947A (en) * 2014-03-31 2015-11-05 ソニー株式会社 Information processing device and computer program

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4801787A (en) 1985-07-05 1989-01-31 Casio Computer Co., Ltd. IC card identification system having first and second data identification functions
FR2657984A1 (en) * 1990-02-07 1991-08-09 Tech Nles Applic Sa Et HELP MEMORY CODE.
US5246375A (en) 1991-09-23 1993-09-21 Wouter Goede Memory aiding device
US5259649A (en) 1990-06-22 1993-11-09 Gur Shomron Credit card
GB2274184A (en) * 1993-01-06 1994-07-13 William Mcintosh Security device
FR2714985A1 (en) * 1994-01-11 1995-07-13 Lenfant Jean Pierre Storage and recovery of personal secret code for transaction card
EP0681258A1 (en) * 1994-05-05 1995-11-08 Alcatel Business Systems Arrangement in particular for telecommunications, combining a device and a memory- and/or-logic-card, corresponding device and card
US5742035A (en) 1996-04-19 1998-04-21 Kohut; Michael L. Memory aiding device for credit card pin numbers
DE29904747U1 (en) * 1999-03-06 1999-05-27 Tillmanns, Friedhelm, 45470 Mülheim Electronic storage medium
NL1008454C2 (en) * 1998-03-03 1999-09-06 Geneva Bancorporation S A Storage and recall of PIN codes for several credit cards etc.
WO1999056520A2 (en) * 1998-04-23 1999-11-11 House Of Added Value Ab A method of storing and retrieving personal codes

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0335384A (en) * 1989-06-30 1991-02-15 Toshiba Corp Portable electronic device
DE29808147U1 (en) * 1998-05-06 1998-08-13 Karle, Friedhelm, 76474 Au Electronic memory card
NL1010221C2 (en) * 1998-09-30 2000-03-31 Klaas Tilma Electronic storage and display unit for multiple PIN codes, allows user to find all his PIN numbers by keying in only one overall PIN number
DE29914022U1 (en) * 1999-03-06 2000-01-20 Tillmanns, Friedhelm, 45470 Mülheim Electronic storage medium
NL1011708C1 (en) * 1999-03-31 2000-10-03 Klaas Tilma PIN code storage device, has bank card shape and size with keys, display and microprocessor chip memory

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4801787A (en) 1985-07-05 1989-01-31 Casio Computer Co., Ltd. IC card identification system having first and second data identification functions
FR2657984A1 (en) * 1990-02-07 1991-08-09 Tech Nles Applic Sa Et HELP MEMORY CODE.
US5259649A (en) 1990-06-22 1993-11-09 Gur Shomron Credit card
US5246375A (en) 1991-09-23 1993-09-21 Wouter Goede Memory aiding device
GB2274184A (en) * 1993-01-06 1994-07-13 William Mcintosh Security device
FR2714985A1 (en) * 1994-01-11 1995-07-13 Lenfant Jean Pierre Storage and recovery of personal secret code for transaction card
EP0681258A1 (en) * 1994-05-05 1995-11-08 Alcatel Business Systems Arrangement in particular for telecommunications, combining a device and a memory- and/or-logic-card, corresponding device and card
US5742035A (en) 1996-04-19 1998-04-21 Kohut; Michael L. Memory aiding device for credit card pin numbers
NL1008454C2 (en) * 1998-03-03 1999-09-06 Geneva Bancorporation S A Storage and recall of PIN codes for several credit cards etc.
WO1999056520A2 (en) * 1998-04-23 1999-11-11 House Of Added Value Ab A method of storing and retrieving personal codes
DE29904747U1 (en) * 1999-03-06 1999-05-27 Tillmanns, Friedhelm, 45470 Mülheim Electronic storage medium

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1111556A2 (en) * 1999-12-20 2001-06-27 Iwaki Electronics Co., Ltd. Encryption display card
EP1111556A3 (en) * 1999-12-20 2004-03-10 Iwaki Electronics Co., Ltd. Encryption display card
GB2417581A (en) * 2004-08-31 2006-03-01 Simon Heath Electronic device for storing sensitive data
WO2006072855A2 (en) * 2005-01-04 2006-07-13 Koninklijke Philips Electronics N.V. Card with input elements for entering a pin code and method of entering a pin code
WO2006072855A3 (en) * 2005-01-04 2006-10-05 Koninkl Philips Electronics Nv Card with input elements for entering a pin code and method of entering a pin code
WO2006128214A1 (en) * 2005-06-01 2006-12-07 Michael Hennessy Device for keeping track of passwords
CN100426181C (en) * 2005-10-20 2008-10-15 万国电脑股份有限公司 Pocket memory device with object recognition information and set method of object recognition information
CN112115523A (en) * 2020-09-30 2020-12-22 海南大学 Data self-destruction encryption storage device

Also Published As

Publication number Publication date
GB0102621D0 (en) 2001-03-21
GB2358948A (en) 2001-08-08
AU2001234868A1 (en) 2001-08-14

Similar Documents

Publication Publication Date Title
US4667087A (en) Secure credit card
US9727813B2 (en) Credit, security, debit cards and the like with buttons
US20070136593A1 (en) Secure information storage apparatus
IL104422A (en) Method and apparatus for magnetically writing on plastic cards
CN101322143A (en) Card having password input key
EP0216937A1 (en) Ic card.
WO2001057814A1 (en) Password storage apparatus and method
JP2004164347A (en) Ic card and method for principal authentication using the same
US20120023422A1 (en) Intelligent portable object comprising graphical personalization data
US6595415B2 (en) IC card processor
GB2255934A (en) Integrated circuit card with display.
WO1997034252A1 (en) Private pin number
US5636271A (en) Security code selector for telephone access card
GB2274184A (en) Security device
EP1082708A1 (en) Visual code recordal and communication thereof
NL1011708C1 (en) PIN code storage device, has bank card shape and size with keys, display and microprocessor chip memory
WO2005081195A1 (en) A memory aid device
EP1817747A1 (en) Identification label
NL1008454C2 (en) Storage and recall of PIN codes for several credit cards etc.
JPH09212723A (en) Personal information transaction device
JPS63136296A (en) Individual identification card
EP0395659A1 (en) Security system
JP2009054109A (en) Memory card
JPS61228567A (en) Electronic personal identification card and its display system
KR200216635Y1 (en) Electronic card wallet

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP