WO2017102098A1 - Financial apparatus and method - Google Patents
Financial apparatus and method Download PDFInfo
- Publication number
- WO2017102098A1 WO2017102098A1 PCT/EP2016/025180 EP2016025180W WO2017102098A1 WO 2017102098 A1 WO2017102098 A1 WO 2017102098A1 EP 2016025180 W EP2016025180 W EP 2016025180W WO 2017102098 A1 WO2017102098 A1 WO 2017102098A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- financial apparatus
- data
- financial
- user
- transactions
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/381—Currency conversion
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F19/00—Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
- G07F19/20—Automatic teller machines [ATMs]
Definitions
- the present disclosure relates to financial apparatus, for example to financial apparatus that is operable to support transactions in cyber-currencies, for example Bitcoin, but not limited thereto. Moreover, the present disclosure concerns methods of operating aforementioned apparatus that is operable, for example, to support transactions in cyber-currencies. Furthermore, the present disclosure relates to computer program products comprising a non-transitory computer- readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computerized device comprising processing hardware to execute the aforesaid methods. It will be appreciated that the present disclosure concerns apparatus, and methods of using such apparatus, which are technical in nature, and is not focused upon business methods or similar abstract concepts, as such .
- ATM's Automatic transactions machines
- banking organisations via a data communication network
- dispense cash via a mechanism that is operable to deliver money, usually in a form of paper notes, to a cash-dispensing port of the ATM's.
- Cyber-currencies are essentially digital tokens that have value by way of their perceived equivalence to physical resources, for example goods and services, and thus are also exchangeable with fiat currencies.
- cyber-currencies include, for example, Bitcoin, although Bitcoin is special in its manner of creation, namely by way of "Bitcoin mining", and also a way in which transactions using Bitcoins are registered in a block chain, to avoid double spending of Bitcoins.
- cyber-currencies for example Bitcoins
- Efforts have been made to provide smart phone software applications for enabling cyber-currency transactions, but such software applications can be potentially unreliable and are vulnerable to being compromised by malware that contemporarily often afflicts smart phones and similar portable communication devices including computing hardware.
- the aforementioned Bitcoin kiosk/ ATM despite the use of sophisticated security measures, is still capable of being hacked and compromised by malicious third parties.
- malicious third parties are capable of installing eavesdropping circuits into wiring infrastructure of the aforementioned Bitcoin kiosk/ ATM, for example when the Bitcoin kiosk/ ATM is manufactured using proprietary units, for example proprietary scanners and cameras, that are connected together using a standard proprietary form of databus, for example CAN data bus.
- eavesdropping circuits enable third parties to collect sensitive data that subsequently enables the third parties to masquerade as the given customer, for example for purposes of stealing bit-coins by making false entries into a block chain.
- the present disclosure seeks to provide an improved financial apparatus, system and method for providing both cash delivery and payment, with additional special capabilities of relevant communications and other communications in general, for example to increase its security against third party eavesdropping and spyware.
- the present disclosure seeks to provide a financial apparatus, system and method for facilitating processing of transaction in one or more digital currencies, such as "Bitcoin” for example, but without limitations at final assembly as to an exact form of such one or more digital currencies (namely cyber- currencies) . Furthermore, the present disclosure seeks to provide a financial apparatus, system and method with an option to be available to a configuration agent, and/or the installing agent and/or the operator of the system.
- a financial apparatus that is operable to function as a kiosk/ATM device, wherein the financial apparatus includes computing hardware for executing one or more program instructions, and a user- interface arrangement coupled in communication within the financial apparatus to the computing hardware, wherein the user- interface arrangement, in cooperation with the computing hardware, is operable to support at least one of:
- the financial apparatus is constructed in a modular manner, for enabling one or more modules to be added, removed, and/or exchanged, wherein the one or more modules provide functionalities associated with the computing hardware and the user-interface arrangement;
- At least a subset of the one of more modules are mutually coupled and/or coupled to the computing hardware via one or more serial data communication buses.
- the present invention is of advantage in that the financial apparatus is capable of providing effective user support when executing financial transactions, as well as potentially enabling for practical use of cyber-currencies in everyday financial transactions, and the financial apparatus, on account of its modular construction, is capable of being upgraded and improved in situ when in service, within compromising user security.
- the one or more modules are provided with encryption and/or decryption algorithms for encrypting and/or decrypting data that is communicated to and/or from the one more modules, wherein the encryption and/or decryption algorithms are uniquely configured for their respective module.
- At least a subset of the one of more modules are mutually coupled and/or coupled to the computing hardware and include encryption and obfuscation arrangements for dividing data to be communicated between the modules and/or externally from the financial apparatus into multiple parts, which are obfuscated and encrypted for communication within the financial apparatus and/or externally from the financial apparatus, wherein at least one data map is used to describe obfuscation and encryption methods applied to the data to be communicated.
- the data after being divided into the multiple parts is firstly obfuscated and then encrypted, so that data communicated within the financial apparatus and/or externally from the financial apparatus approximates a one-time-pad encryption security standard.
- the data after being divided into the multiple parts is firstly encrypted and then obfuscated, so that data communicated within the financial apparatus and/or externally from the financial apparatus approximates a one-time-pad encryption security standard.
- the data communicated within the financial apparatus is supplemented with additional data for misleading third parties when eavesdropping the data communicated within the financial apparatus.
- the user-interface arrangement includes a telephone-type handset arrangement for providing communication with other users, with support personnel and/or with support avatars for assisting in financial transactions.
- the financial apparatus includes a communication arrangement for coupling the financial apparatus to an external server arrangement, wherein the external server arrangement is operable to couple to at least one of: one or more blockchain associated with cyber-currencies for recording transactions performed in respect of the cyber-currencies, one or more conventional fiat currency banking systems.
- the communication arrangement includes a CAT 5 Internet interface for communicating data to and from the Internet.
- the one or more serial communication buses include a CAN bus.
- the user-interface arrangement includes at least one of: an identity (ID) scanner/reader, a camera for imaging documents and/or a user of the financial apparatus, a printer for printing paper documents associated with transactions executed via use of the financial apparatus.
- ID identity
- the user-interface arrangement includes at least one of: an identity (ID) scanner/reader, a camera for imaging documents and/or a user of the financial apparatus, a printer for printing paper documents associated with transactions executed via use of the financial apparatus.
- ID identity
- the financial apparatus is operable to facilitate at least one of:
- the user-interface arrangement includes an interface for communicating with a user mobile communication device (for example, user's smart phone), wherein the user mobile communication device is operable to cooperate with the financial apparatus for providing at least one of:
- a method of implementing a financial apparatus that is operable to function as a kiosk/ATM device, wherein the financial apparatus includes computing hardware for executing one or more program instructions, and a user-interface arrangement coupled in communication within the financial apparatus to the computing hardware, wherein the user-interface arrangement, in cooperation with the computing hardware, is operable to support at least one of:
- the method includes: (a) mutually coupling at least a subset of the one of more modules and/or coupling at least a subset of the one of more modules to the computing hardware; and
- (b) including encryption and obfuscation arrangements for dividing data to be communicated between the modules and/or externally from the financial apparatus into multiple parts, which are obfuscated and encrypted for communication within the financial apparatus and/or externally from the financial apparatus, wherein at least one data map is used to describe obfuscation and encryption methods applied to the data to be communicated.
- the method includes, after dividing the data into the multiple parts, firstly obfuscating the data to generate obfuscated data, and then encrypting the obfuscated data for being communicated, so that data communicated within the financial apparatus and/or externally from the financial apparatus approximates a one- time-pad encryption security standard.
- the method includes, after dividing the data into the multiple parts, firstly encrypting the data to generate encrypted data, and then obfuscating the encrypted data for being communicated, so that data communicated within the financial apparatus and/or externally from the financial apparatus approximates a one- time-pad encryption security standard.
- the method includes supplementing data communicated within the financial apparatus with additional data for misleading third parties when eavesdropping the data communicated within the financial apparatus.
- the method includes arranging for the user-interface arrangement to include a telephone-type handset arrangement for providing communication with other users, with support personnel and/or with support avatars for assisting in financial transactions.
- the method includes arranging for the financial apparatus to include a communication arrangement for coupling the financial apparatus to an external server arrangement, wherein the external server arrangement is operable to couple to at least one of: one or more blockchain associated with cyber-currencies for recording transactions performed in respect of the cyber-currencies, one or more conventional fiat currency banking systems.
- the method includes arranging for the communication arrangement to include a CAT 5 Internet interface for communicating data to and from the Internet.
- the method includes arranging for one or more serial communication buses to include a CAN bus.
- the method includes arranging for the user-interface arrangement to include at least one of: an identity (ID) scanner/reader, a camera for imaging documents and/or a user of the financial apparatus, a printer for printing paper documents associated with transactions executed via use of the financial apparatus.
- the method includes arranging for the financial apparatus to be operable to facilitate at least one of:
- the method includes arranging for the user-interface arrangement to include an interface for communicating with a user mobile communication device (for example, user's smart phone), wherein the user mobile communication device is operable to cooperate with the financial apparatus for providing at least one of:
- computer program products comprising a non-transitory computer-readable storage medium having computer-readable instructions stored thereon, characterized in that the computer-readable instructions is executable by a computerized device comprising processing hardware to execute a method of the second aspect.
- a system including a plurality of financial apparatus of the first aspect, coupled via a data communication arrangement to a server arrangement, characterized in that the system is operable to facilitate at least one of:
- the system is coupled to at least one fiat currency transaction establishment and/or at least one cyber-currency establishment for enabling at least one:
- a hardware device for use with the financial apparatus of the first aspect, characterized in that the hardware device is couplable to the financial apparatus for exchanging data therewith, and the hardware device includes data processing hardware for applying one of more data transformations to data processed through the hardware device, and wherein the one or more data transformations are hard wired into the hardware device and not readable by interrogating the hardware device.
- the hardware device is provided in a form of a fob that is couplable via a user interface to the financial apparatus when implementing a financial transaction.
- the hardware device is individually customized in respect its owner. More optionally, the hardware device, when used with the financial apparatus, is verifiable in respect of bio-credentials of its owner.
- FIG. 1A to FIG. 1C are schematic illustrations of a financial apparatus, namely a kiosk/ATM device, also known as a "digital vending machine", and its associated system, according to an embodiment of the present disclosure;
- FIG. 2 is a schematic illustration of a rear view of the financial apparatus of
- FIGs. 1A, IB and 1C according to an embodiment of the present disclosure
- FIG. 3 is a schematic illustration of modules of the financial apparatus of FIGs.
- FIG. 4 is an illustrative outline of the financial apparatus of FIGs. 1A, IB and 1C, namely kiosk/ATM, of the present disclosure, wherein access panels are shown;
- FIG. 5A is an illustration of an exemplary financial apparatus, namely kiosk/ ATM device, design of the type which is usable to implement embodiments of the present disclosure
- FIG. 5B is an illustration of a connection arrangement employed in the financial apparatus of FIG. 5A.
- FIG. 6 Is an illustration of a network support for the financial apparatus, namely kiosk/ATM devices, FIGs. 1A, IB and 1C.
- an underlined number is employed to represent an item over which the underlined number is positioned or an item to which the underlined number is adjacent.
- a non-underlined number relates to an item identified by a line linking the non-underlined number to the item.
- the non-underlined number is used to identify a general item at which the arrow is pointing .
- embodiments of the present disclosure concern financial apparatus that are user-operable to perform financial transactions, for example financial transactions concerning one or more of: fiat currency transactions, cyber-currency transactions, user verification/validation, gaming transactions.
- the financial apparatus is conveniently, for example, implemented as a Kiosk/Terminal/ATM device, also known as a "digital vending machine" (DVM).
- DVM digital vending machine
- FIG. IB there is illustrated a plurality of financial apparatus 10 linked via data communication network connection arrangements 80 to a client/server relationship system 100 that in turn interfaces to a financial institution (for example, a national bank).
- a financial institution for example, a national bank
- the financial apparatus in operation employs methods that facilitate transactions of one or more currencies, for example transactions between cyber-currencies and fiat currencies, as well as communications relevant to those transactions or separate communications; for example, the financial apparatus enables a user to convert a portion of his/her account expressed in bitcoins to a fiat currency that is then dispensed from the financial apparatus.
- the financial apparatus is operable to enable a user of the financial apparatus to provide fiat currency to the financial apparatus that subsequently according updates the user's bitcoin account, based upon a prevailing exchange rate between bitcoins and the fiat currency.
- the financial apparatus is operable to implement data communications within the financial apparatus in a highly secure manner, as will be elucidated in greater detail later, as well as data communications from the financial apparatus to its associated system, as illustrated in FIG. IB.
- the secure communications implemented within the financial apparatus assists to prevent third-party unauthorized eavesdropping, but nevertheless enables the financial apparatus to be implemented in a modular manner that allows for in situ upgrades and modifications to the modules.
- the financial apparatus is manufactured from proprietary modular units, to achieve a low cost of production and ease of future upgrading.
- the data communication network connection arrangements 80, and the client/server relationship system 100 When considering FIG. IB, a malicious third party desiring to hack into the financial apparatus 10, the data communication network connection arrangements 80, and the client/server relationship system 100 would firstly try to find a weakest link in such a configuration, and then secondly devise a strategy to attack the configuration .
- the client/server relationship system 100 is typically protected by many layers of professional firewalls and is difficult to penetrate.
- the data communication network connection arrangements 80 are often trunk data connections that carry huge volumes of data and are difficult for a malicious third party to monitor and analyse, unless equipped with huge computing resources.
- the financial apparatus 10 are deployed in large numbers, for example hundreds or thousands of kiosks, often in geographical locations that are not frequented by persons for many hours each day. As a result, malicious third parties will be tempted to try to hack the financial apparatus 10.
- the financial apparatus is operable to employ internally a serial data communication protocol to increase its security of operation; optionally, the communication protocol is a standard protocol, for example CAN bus, that is used by many contemporary equipment manufacturers. Alternatively, the financial apparatus is operable to employ internally a standard serial data bus, together with one or more additional data control lines for use in controlling data flows occurring between modules within the financial apparatus.
- a serial data communication protocol to increase its security of operation; optionally, the communication protocol is a standard protocol, for example CAN bus, that is used by many contemporary equipment manufacturers.
- the financial apparatus is operable to employ internally a standard serial data bus, together with one or more additional data control lines for use in controlling data flows occurring between modules within the financial apparatus.
- data pertaining to financial transactions is fragmented and the resulting fragments are communicated internally within the financial apparatus via a plurality of different data routes between modules of the financial apparatus.
- the fragments are communicated at mutually different times within the financial apparatus to make it even harder for a malicious third party to eavesdrop on sensitive data communicated within the financial apparatus.
- a third party were to try to eavesdrop on a single data connection within the financial apparatus, or to try to substitute an eavesdropping unit is substitution for one of the modules, it would be almost impossible to reconstitute sensitive data relating to a user of the financial apparatus.
- the data communication protocol is encrypted, for example by employing a combination of data fragmentation, obfuscation of resulting data fragments and thereafter encryption of the obfuscated data fragments, namely approaching a "one-time-pad", so that it is substantially impossible for an unauthorized third part to hack into the financial apparatus for eavesdropping, or otherwise corrupting operation of the financial apparatus.
- Similar considerations pertain to communication to and from the financial apparatus to its associated system, wherein such communication is beneficially encrypted and/or obfuscated, for example also approaching a "one-time-pad" degree of data security.
- a given person in general, potentially employs an 'ATM' (advanced teller machine) when paying into an account or receiving money from an account, wherein money is debited or credited in respect of the account, as appropriate.
- the given person is provided with a hardware encoding device that the given user is able to plug into the financial apparatus when making a financial transaction.
- the hardware encoding device is operable to transform data that is presented thereto in operation, to provide corresponding transformed data back to the financial apparatus, wherein the transformation provided by the hardware encoding device is not directly readable from the hardware device.
- the hardware encoding device is a custom integrated circuit, for example a programmable gate logic array (PGLA) or an application-specific integrated circuit (ASIC), in which the transformation is implemented within integrated connections of the custom integrated circuit and therefore not susceptible to being interrogated by malicious third parties.
- the hardware encoding device is provided as a USB-type fob that is inserted by the given person into a USB socket interface provided on the financial apparatus.
- the hardware encoding device is operable both to encrypt and then obfuscate data, wherein such obfuscation is implemented by swapping bits or nibbles of data bytes of encrypted data in a manner known to the financial apparatus or pursuant to a data-map that is accessible to the financial apparatus.
- the hardware encoding device is operable to encrypt data, wherein such encryption is implemented using a robust encryption algorithm, for example PKI or similar in a manner known to the financial apparatus or pursuant to a data-map that is accessible to the financial apparatus.
- the hardware encoding device is operable to obfuscate data, wherein such obfuscation is implemented by swapping bits or nibbles of data bytes of encrypted data in a manner known to the financial apparatus or pursuant to a data-map that is accessible to the financial apparatus.
- Embodiments of the present disclosure relate to financial apparatus, and also to systems including such financial apparatus and methods of operating the financial apparatus and system, for executing transactions in fiat currencies, as well as cyber-currencies; in contradistinction, contemporary ATM's are often only designed to dispense and allow transactions in conventional fiat currencies.
- the financial apparatus of embodiments of the present disclosure is capable of making use of cyber-currencies more practical in everyday life, by providing a practical approach to transfer of financial consideration associated with commercial transactions, namely "buying" and "selling".
- the present disclosure is also concerned with technical methods of operating the financial apparatus, and is not primarily concerned with methods of doing business (that are excluded from patentability in many parts of the World, as such).
- Embodiments of the present disclosure involve both hardware and software elements, wherein details of construction and operation of the elements are elucidated more comprehensively below; the elements are required for constructing and operating the financial apparatus, namely a kiosk/ ATM, according to the embodiments of the present disclosure.
- aspects of the present disclosure may be implemented as a system, a method or a computer program product (namely, a software product). Accordingly, aspects of the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, micro-code, and so forth), or an embodiment involving a combination of both software and hardware.
- aspects of the present disclosure may take a form of a computer program product embodied in one or more computer readable mediums having computer readable program code embodied thereon.
- FIG. 1A to FIG. 4 An example embodiment of the present disclosure is illustrated in FIG. 1A to FIG. 4, wherein a financial apparatus, implemented as a standalone kiosk/ATM device, namely a "digital vending machine” (DVM), is indicated generally by 10.
- the financial apparatus 10 includes a plurality of modular elements, for example proprietary "off-the-shelf standard electronics modules, that are mutually coupled together via secure encrypted data communication pathways within the financial apparatus 10, namely to avoid unauthorized third parties from trespassing into the financial apparatus 10 to try to corrupt operation of the financial apparatus 10, for example eavesdropping on communications occurring in operation within the financial apparatus 10 for purposes of phishing for sensitive data.
- the secure encrypted data communication pathways are implemented in a manner in which it would be very difficult for a malicious eavesdropping third party to obtain information regarding financial transactions being implemented in operation in the financial apparatus.
- the secure data communication hardware optionally has following characteristics:
- modules implementing the secure data communication hardware are implemented as standard proprietary modules that have been adapted (for example re-programmed and/or hardware reconfigured) to function in the financial apparatus 10.
- the aforesaid modular elements of the .financial apparatus 10 include:
- a note and/or coin validator 20 (namely a fiat currency, for example USD, GBP, note and/or coin validator); such a validator 20 includes optical imaging sensors, note feed mechanisms and local microprocessor control of note scanning; it will be appreciated that the local microprocessor control is programmed to provide data to other modules of the financial apparatus 10 in a secure manner using a plurality of data communication pathways, as described in the foregoing;
- a note and/or coin dispenser 30 (namely a fiat currency, for example USD, GBP) note and/or coin dispenser); such a dispenser 30 includes mechanical note feed components as well as local microprocessor control; it will be appreciated that the local microprocessor control is programmed to provide data to other modules of the financial apparatus 10 in a secure manner using a plurality of data communication pathways, as described in the foregoing;
- a printer 40 for printing out receipts, account balances, and other information that may be useful to users of the apparatus 10; optionally, such a printer 40 is a thermal printer, an inkjet printer, a laser printer, or similar; optionally, the printer 40 has a processor control local thereto, wherein it will be appreciated that the local microprocessor control is programmed to provide data to other modules of the financial apparatus 10 in a secure manner using a plurality of data communication pathways, as described in the foregoing;
- the one or more scanners/readers 50 have a processor control local thereto, wherein it will be appreciated that the local microprocessor control is programmed to provide data to other modules of the financial apparatus 10 in a secure manner using a plurality of data communication pathways, as described in the foregoing ;
- a touch screen display 60 for example, for user input of data, user selections and similar; optionally, the touch screen display 60 is implemented as a LCD or OLED panel display with adjacent tactile keyboard for data entry, or by way of a tactile-sensitive overlay onto a LCD or OLED panel display; optionally, the touch screen display 60 has a processor control local thereto, wherein it will be appreciated that the local microprocessor control is programmed to provide data to other modules of the financial apparatus 10 in a secure manner using a plurality of data communication pathways, as described in the foregoing;
- a principal processor/controller 70 of the financial apparatus 10 for example for coordinating operation of the modular elements 20 to 60
- a data communication network connection arrangement 80 for example an Internet connection arrangement, so that the principal processor/controller 70 is operable to send and receive data from a system that is external to the financial apparatus 10; optionally, communication via the an Internet connection arrangement 80 is implemented in a highly secure manner, for example by employing a combination of encryption and obfuscation algorithms;
- a telephonic handset or similar 90 for use by users of the financial apparatus 10 to communicate with personnel of the aforesaid system, and/or with an automated avatar supported from the principal processor/controller 70 and/or from the aforesaid system; again, as described in the foregoing, a processor control of the telephonic handset or similar 90 is provided with encryption and/or obfuscation of data generated therein, so that it is not practically possible for malicious third parties to eavesdrop on communication made by a given customer via the telephonic handset or similar 90; and
- a USB or similar serial communication bus interface 95 that is externally accessible to a given user of the financial apparatus 10, for example for coupling a USB hardware device 98 that is customized to the given user and verifiable in respect of bio-credentials of the given user.
- the serial communication bus interface 95 is implemented wirelessly, for example by employing a Bluetooth® or similar protocol.
- the financial apparatus 10 optionally includes other elements, for example 3-D readers (for example for capturing a 3-D image of a given user's face for verification purposes when executing a financial transaction using the financial apparatus 10, an uninterruptable power supply (UPS) including rechargeable batteries, an anti-tampering alarm arrangement as well as immobilizing anchoring to prevent the financial apparatus 10 in its entirety being physically removed and stolen for its fiat currency contents.
- the financial apparatus 10 has an external casing that is fabricated from Boron-hardened stainless steel panel, although less-expensive implementations are possible, for example using reinforced composite components, plastics material components and such like.
- the external casing of the financial apparatus 10 is provided with sensors for detecting potential tampering by malicious third parties, for example when trying to install eavesdropping hardware into the financial apparatus 10.
- the data communication connection arrangement 80 for example a TCP/IP Internet connection arrangement, is optionally implemented by employing a modem (for example a serial modem), a "wi-fi" wireless interface, a wired interface connection, and similar.
- a modem for example a serial modem
- a "wi-fi" wireless interface for example a "wi-fi" wireless interface
- a wired interface connection for example a wired interface connection
- a modem for example a serial modem
- wired interface connection for example a serial modem
- the financial apparatus 10 conveniently employs a contemporary CAT5/Ethernet connection; for example, a CAT5/4-port or CAT5/CAN bridge is optionally employed when implementing the financial apparatus 10.
- the financial apparatus 10 optionally employs TCP/IP, as aforementioned, when communicating externally via the Internet; however, as described in the foregoing, the financial apparatus 10 optionally employs obfuscation and encryption of data communicated via the Internet to avoid eavesdropping and corruption by third parties.
- Such obfuscation and encryption involves steps of:
- the output encrypted data E is processed to recover the given data D by performing an inverse of the steps (i) to (iii) above, namely:
- steps (i) to (iii), likewise (a) to (c), for data security are beneficially implemented, at least in part, within hardware of the financial apparatus 10, and/or within a hardware device that a given customer of the financial apparatus 10 couples to the financial apparatus 10 when attempting to perform a financial transaction using the financial apparatus 10; for example, as illustrated in FIG. 1A, the hardware of the financial apparatus 10 is provided via a hardware device 98 that is couplable by the given customer to the financial apparatus 10 via a serial communication bus interface 95.
- the hardware device 98 is optionally customized to the given customer and verifiable against bio- credentials obtained by the financial apparatus 10 when interacting, in operation, with the given user; malicious third parties would realize that, in attempting to hack the financial apparatus 10 in person, would be recorded and stored in the process of the financial apparatus 10 sensing such bio-credentials.
- the steps (i) to (iii), likewise (a) to (c), are beneficially performed using serial communication of data via serial data communication pathways that include additional control lines for controlling such serial flow of data.
- the additional control lines are, for example, additional to a standard contemporary known type of serial communication bus, for example a serial CAN bus.
- fiat currencies include, for example "USD”, namely an abbreviation for US dollar, "GBP”, namely an abbreviation for United Kingdom pound sterling, Euros and similar.
- the apparatus 10, namely a kiosk/ATM device, via use of its aforementioned processor/controller is operable to run software programs and/or games (when functioning as an entertainments system such as providing "one armed bandit", “fruit machine” or casino-type game playing functionality), and accumulate information from users, for example customers, for use by such programs and/or games, whilst simultaneously managing one or more of:
- currency transactions for example fiat currency and/or cyber- currency transactions
- the apparatus 10 is operable to employ a transaction protocol that involves use of a processor that is programmed to run executable program instructions, wherein the executable program instructions cause the processor to facilitate receipt of one or more of a customer's:
- a photograph for example, a scan of a given user of the apparatus 10 at a time at which a given transaction is implemented using the apparatus 10 (for example a photograph of the given user's face for authorization, identification and/or verification purposes),
- identity information such as performing a passport or identity card scan
- the financial apparatus 10 includes one or more biometric sensors for sensing a biological characteristic (namely "bio-credentials") of a given customer of the financial apparatus 10, for authenticating an identity of the given customer.
- bio-credentials a biological characteristic of a given customer of the financial apparatus 10
- Such one or more biometric sensors optionally includes at least one of: a fingerprint sensor, a palm sensor, a facial sensor (for example, using a 3-D camera to obtain 3-dimensional (3-D) spatial relief information of the given customer's face), a DNA sensor (for example via sweat, sputum, or hair analysis), an audio sensor (for example, a microphone linked to a Fourier spectrum analyzer for determining acoustic parameters of a vocal tract of the given customer), an eye retinal imaging sensor (for example, for imaging retinal information of the given customer),
- a fingerprint sensor for example, using a 3-D camera to obtain 3-dimensional (3-D) spatial relief information of the given customer's face
- a DNA sensor for example via sweat, sputum, or hair analysis
- an audio sensor for example, a microphone linked to a Fourier spectrum analyzer for determining acoustic parameters of a vocal tract of the given customer
- an eye retinal imaging sensor for example, for imaging retinal information of the given customer
- the given data D and/or the encrypted data E is padded with additional padding data which is intended to mislead any third party trying to extract data from the output encrypted data E, for example the padding data includes bogus invalid bank account numbers and bogus financial transactions; this additional padded data potentially confuses a malicious third party that seeks to eavesdrop upon data communications of the financial apparatus 10.
- additional padded data is beneficially communicated between internal modules of the financial apparatus 10 to frustrate eavesdropping by a malicious third party
- the data map M will include information indicative of the padding data and/or a format of the padding data is defined a priori in the system, for example via an earlier data exchange between the financial apparatus 10 and its associated system, see FIG. IB.
- the aforementioned protocol hosted by the financial apparatus 10 is operable to issue a text message to a given user's mobile phone, or an e-mail message to an e-mail address of the given user, or to display a code for the given user's scanner/mobile phone/tablet computer for the scanner/mobile phone/tablet computer itself to perform scanning and processing functions, for example for purposes of providing validation of user identity when performing a financial transaction using the financial apparatus 10, namely kiosk/ATM device.
- Such operation allows data input functionality of the financial apparatus 10 to be enhanced by communicating via user's personal communication devices, for example smart phones.
- Such smart phones are usefully pre-loaded with one or more software applications, namely "apps", that enable the smart phones to function cooperatively with the financial apparatus 10 to enhance a functionality of the financial apparatus 10, for example to use a camera of the smart phone for imaging documents and/or providing images of the user for user-verification purposes.
- the smart phones are implemented to include a key store implemented in memory hardware that is not readable by subsequent software applications loaded into the smart phones, wherein keys stored in the memory hardware can be used to decrypt, encrypt or authenticate data flowing to and from the mobile telephones, thereby improving data security when communicating with the mobile telephones.
- the memory hardware is beneficially supplied with key information at initial power-up of the smart phones (for example when first operated by their owners), before any software applications are installed in the mobile telephones.
- Such an approach makes it very difficult for spyware from malicious third parties to gain access to sensitive customer data.
- the financial apparatus 10 upon processing of the given user's input, namely customer input, via either the screen, keyboard, the user's mobile phone (via a "wifi" data communication connection with from the user's smart telephone to the financial apparatus 10, for example via contemporary BlueTooth communication ("BlueTooth" is a registered trade markTM), the financial apparatus 10 acknowledges the data input via the screen, via sending a text message, via sending an e-mail, or voice synthesis interface of the financial apparatus 10 (for example, helpful when the user is visually handicapped, for example the user is blind) as is necessary to enable a given method of delivery; contingent upon such output being correctly acknowledged by the user (namely customer), the financial apparatus 10 proceeds with a cash or electronic funds transfer as directed by the user, and at the end of such
- the financial apparatus 10 communicates via the data communication network arrangement 80, for example the Internet or a proprietary secure data communication network, to a blockchain server that records transfers of bitcoins from one person to another; in an event of interrogation of the blockchain confirming that sale of the bitcoin is permitted and bona fide, the financial apparatus 10 is operable to dispense the ten $100 (USB) bills (notes) to the user.
- a fiat currency for example ten $100 (USD) bills (notes) in exchange for sale of a bitcoin submitted as data into the financial apparatus 10
- USD $100
- the financial apparatus 10 communicates via the data communication network arrangement 80, for example the Internet or a proprietary secure data communication network, to a blockchain server that records transfers of Bitcoins from one person to another; in an event of interrogation of the blockchain confirming that sale of the bitcoin is permitted and bona fide, the financial apparatus 10 is operable to dispense the ten $100 (USB) bills (notes) to the user.
- USB ten $100
- the user can receive audio/video interactive support via the financial apparatus 10 with a human operator, or with a synthesized avatar, when performing such transaction via the financial apparatus 10, namely kiosk/ATM device.
- embodiments of the present disclosure are not limited to blockchain-based cyber-currencies, and can operate with other token-based cyber-currencies, wherein the tokens are capable of representing a flow of consideration that occurs in any financial transaction.
- a standalone financial apparatus 10 namely kiosk/ATM device, including at least one of following elements:
- printers for providing printed paper receipts, account balances, transaction records and such like;
- one or more lens arrangements and associated optical sensor arrangements for example, "one or more cameras'" for capturing images of user- presented documents, images of the user's face for identification and validation purposes, as well as potentially images of thieves and vandals who may attempt to attack, vandalize or otherwise tamper in an unauthorized manner with the financial apparatus 10;
- one or more image pixel display screens for example, a touch-screen for image presentation and user tactile (or touch proximity) input of information to the financial apparatus 10;
- a telephonic handset of similar for enabling users to have oral and/or video communication with a system supporting the financial apparatus 10, and/or other users that are coupled in communication to the system and/or to the financial apparatus 10.
- the financial apparatus 10 conveniently includes an external frame/case, for example a robust metal or plastics material frame/case, with wiring coordination.
- the case/frame is equipped with tamper sensors that enables the financial apparatus 10 to sense unauthorized tampering and to alert supervisors responsible for the financial apparatus 10 that tampering may have potentially occurred; in such case, the financial apparatus 10 optionally switches to a test investigative mode to check integrity of its module elements, to ensure that none of them have been replaced or compromised in any way.
- the financial apparatus 10 when implemented as a standalone device, optionally includes other components such as a local, internal, reserve power supply, as aforementioned, for example a proprietary modular commercial UPS.
- the computing arrangement locally optionally has one or more processors and/or logic systems, and includes the external communications arrangement as part of its set of functions and connections.
- the standalone financial apparatus 10 facilitates purchase or sale of one or more fiat currencies and/or cyber-currencies by:
- any combination of one or more computer readable media may be utilized for storing computer instructions necessary for implementing the aforementioned financial apparatus 10 and its associated system.
- the computer readable media may be a computer readable signal medium or a computer readable storage medium.
- a computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing . More specific examples (a non- exhaustive list) of the computer readable storage medium includes one or more of:
- RAM random access memory
- electronic solid state data memory for example electronic solid state data memory
- ROM read-only memory
- EPROM or Flash memory an erasable programmable read-only memory
- the financial apparatus 10 includes computing hardware that is operable to execute computer program code instructions for carrying out aforementioned financial transactions, and other user-selected functions, for example communication between users, gaming activities involving a plurality of users and financial rewards for winners of the gaming activities, and such like.
- the computer program code instructions may be written, for example, in any combination of one or more programming languages, including an object oriented programming language such as: Java, Smalltalk, C++ or the like or conventional procedural programming languages, such as the "C" programming language, AJAX, PHP, HTM L, XHTML, Ruby, CSS or similar programming languages; the names of such computer languages includes trade marksTM.
- object oriented programming language such as: Java, Smalltalk, C++ or the like
- conventional procedural programming languages such as the "C" programming language, AJAX, PHP, HTM L, XHTML, Ruby, CSS or similar programming languages; the names of such computer languages includes trade marksTM.
- customer computer languages and associated customer compilers are used for generating program code instructions for controlling operation of the financial apparatus 10.
- Programming code namely executable program code instructions, employed in conjunction with making the financial apparatus 10 function, is optionally configured as a software application, an operating system, as part of a system firmware, or any suitable combination thereof; as aforementioned, in order to enhance security within the financial apparatus 10, namely for data exchanges between modules housed within the financial apparatus 10, data exchanges within the financial apparatus 10 are beneficially performed in a serial data-flow manner, with additional control lines being provided for managing such serial data communication .
- a use of parallel databases for interconnecting the modules of the financial apparatus 10 is preferably avoided .
- data exchanges within the financial apparatus 10 are beneficially performed using fragmented data communicated at a plurality of different times and/or via a plurality of pathways, for example different serial bus wires, and then reconstituted at a given module of the financial system 10 whereat the exchanged data is to be used .
- Such an approach makes it extremely difficult for a malicious third party to try to eavesdrop upon operating communication occurring within the financial apparatus 10.
- the programming code is optionally executed entirely on a given user's computer, for example where an embodiment of the financial apparatus 10 is implemented on the user's smart phone, laptop or tablet computer (for example for providing personal portable banking services), partly on the user's computer, or as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on a remote computer, as described in the foregoing .
- the programming code is optionally implemented on a server as in a client/server relationship system 100 (sometimes contemporarily known as "cloud computing" ' , although conventional real clouds are condensed water in high atmosphere and are not themselves capable of performing computer instructions).
- a remote computer is optionally connected to a given user's computer through any type of data communication network, including a local area network (LAN) or a wide area network (WAN), or the connection is optionally made to an external computer (for example, through the Internet using an Internet Service Provider, via TCP/IP or similar).
- LAN local area network
- WAN wide area network
- embodiments of the present disclosure employ computer program instructions, for example computer program instructions provided to a processor of a general purpose computer, a special purpose computer, or other programmable data processing arrangement to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the foregoing.
- These computer program instructions may also be stored in a computer readable medium that can direct a computer, other programmable data processing apparatus, or other devices to function in a particular manner, such that the instructions stored in the computer readable medium produce an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block or blocks.
- the computer program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer-implemented process such that the instructions which execute on the computer or other programmable apparatus provide processes for implementing functions of the financial apparatus 10.
- a "terminal" should be understood to be any one of a general purpose computer, as for example a personal computer or a laptop computer, a client computer configured for interaction with a server, a special purpose computer such as a server, or a smart phone, soft phone, tablet computer, personal digital assistant or any other machine that is operable to execute programmable instructions as aforementioned.
- the server arrangement 100 that is spatially remote from the financial apparatus 10, see FIG. IB, is operable to function as an intelligent hub.
- the server arrangement 100 is operable to interface, when required, to a plurality of such financial apparatus 10, and also to financial services structures, for example Bitcoin blockchain, international banking systems (namely, conventional fiat currency backbone systems, for example well-known banks), other cyber- currency systems and such like.
- financial apparatus 10 is capable of having its functionality extended, by way of its operating system being modified, by either local addition of a code/data "driver” or remotely via a "plug-in" (provided via a data communication network, for example the data communication arrangement 80) with control and data traffic over such a network as required to achieve the functions of a desired device.
- Such a functionality enables remote servicing support to be provided to the financial apparatus 10, for example for coping with equipment failure within the financial apparatus 10, or for extending its functionality, or for selectively deactivating portions of the financial apparatus 10 in an event that tampering by unauthorized third parting has been detected (for example substitution of a fiat currency note scanner of the financial apparatus 10 with a false unit that mimics receipt of fiat currency notes).
- the financial apparatus 10 is operable to employ for each financial transaction implemented therethrough a unique encryption algorithm, for example by using a unique transaction key for each financial transaction that is performed, to frustrate malicious third party hackers.
- each financial apparatus 10 is provided with its own unique set of encryption algorithms, such that a malicious third party hacking one given financial apparatus 10 would not be able to export hacking results to use for hacking another of the financial apparatus 10.
- each module of a given financial apparatus 10 is provided with its own unique encryption algorithm to prevent malicious third parties from breaking into a given financial apparatus 10 and merely substituting one module for an eavesdropped corresponding module of substantially mutually similar functional properties.
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Finance (AREA)
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Computer Networks & Wireless Communication (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
A financial apparatus (10) is operable to function as a kiosk/ ATM device. The financial apparatus (10) includes computing hardware (70) for executing one or more program instructions, and a user-interface arrangement (20, 30, 40, 50, 60) coupled in communication within the financial apparatus (10) to the computing hardware (70). The user-interface arrangement (20, 30, 40, 50, 60), in cooperation with the computing hardware (70), is operable to support at least one of: (i) dispensing fiat currency notes and/or coins against debiting a user account; (ii) receiving fiat currency notes and/or coins for crediting the user account; (iii) performing financial transactions between cyber-currencies and fiat currencies; (iv) playing one or more computer-based games involving fiat currency and/or cyber-currency transactions; and (v) providing communication with support personnel and/or support avatars for assisting in financial transactions. The user-interface arrangement includes a telephone-type handset arrangement (90) for providing communication with other users, with support personnel and/or with support avatars for assisting user when executing financial transactions. The financial apparatus (10) is constructed in a modular manner, for enabling one or more modules to be added, removed, and/or exchanged, wherein the one or more modules provide functionalities associated with the computing hardware (70) and the user-interface arrangement (20, 30, 40, 50, 60). Moreover, at least a subset of the one of more modules are mutually coupled and/or coupled to the computing hardware (70) via one or more serial data communication buses.
Description
FINANCIAL APPARATUS AND METHOD Technical Field
The present disclosure relates to financial apparatus, for example to financial apparatus that is operable to support transactions in cyber-currencies, for example Bitcoin, but not limited thereto. Moreover, the present disclosure concerns methods of operating aforementioned apparatus that is operable, for example, to support transactions in cyber-currencies. Furthermore, the present disclosure relates to computer program products comprising a non-transitory computer- readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computerized device comprising processing hardware to execute the aforesaid methods. It will be appreciated that the present disclosure concerns apparatus, and methods of using such apparatus, which are technical in nature, and is not focused upon business methods or similar abstract concepts, as such .
Background
Automatic transactions machines (ATM's), also known as "advanced teller machines" are found commonly around the World, and are subject matter of many granted patents. Such ATM's interact with their users, for example read their credit or debit cards, communicate with banking organisations via a data communication network, and also dispense cash via a mechanism that is operable to deliver money, usually in a form of paper notes, to a cash-dispensing port of the ATM's.
In the past, human society operated as a simple barter economy, involving exchange of goods between parties. It was soon appreciated, especially when human society began becoming more sophisticated and complex, that cash was beneficial to use as a representation of value, that could be exchanged for goods. Precious metals, amongst other physical commodities, were used as such cash for representing value, for example Gold and Silver. However, such physical representations of value were perceived in the 20th Century as being a hindrance to economic growth, such that, since around year 1970, many leading World currencies were decoupled from Gold values (namely "Gold standard"), and became "fiat" currencies (namely not backed by any given physical commodity),
as energy-per-capita based on society being supported by fossil fuels (such as oil and gas) reached a substantially maximum value. Earlier experiences with fiat currencies, for example with the Reichmark in Germany around year 1923 ended in hyperinflation and disaster, paving a way for social dysfunction and the Second World War, when savings of middle class Germans, who normally had a stabilizing effect on the German political situation, had been wiped out by hyperinflation associated with the Reichmark.
Since year 1970, introduction of fiat currencies in World financial trading markets has resulted in enormous economic growth Worldwide, but also a huge increase in debt, as debt is susceptible to being potentially created without effort in a fiat currency system (as debt is a promise to "repay later"). Eventually, every fiat currency system collapses; increase in debt and hyperinflation were believed to have been a contributory cause to the collapse of the Roman Empire, many years ago. Banking practices, such as fractional banking systems devised by the Venetians, also resulted in an increase in commercial activity in Europe.
In contemporary times, international finance has been dominated by over- powerful banking institutions abusing their positions of trust (for example, Libor scandal in the United Kingdom and USA), as well as excessive national debt. As a result, there has been a growing interest in alternative currency systems, especially those relating to computer technology, known as "cyber-currencies" . Cyber-currencies are essentially digital tokens that have value by way of their perceived equivalence to physical resources, for example goods and services, and thus are also exchangeable with fiat currencies. Moreover cyber-currencies include, for example, Bitcoin, although Bitcoin is special in its manner of creation, namely by way of "Bitcoin mining", and also a way in which transactions using Bitcoins are registered in a block chain, to avoid double spending of Bitcoins. However, cyber-currencies, for example Bitcoins, are often inconvenient to use for minor everyday transactions, for example purchasing groceries at a supermarket, a drink of tea or coffee at a cafe, or confectionary, for example a bar of chocolate, at a kiosk. Efforts have been made to provide smart phone software applications for enabling cyber-currency transactions, but such software applications can be potentially unreliable and are vulnerable to being compromised by malware that
contemporarily often afflicts smart phones and similar portable communication devices including computing hardware.
In view of the forgoing, it will be appreciated that there arises a major need in human contemporary society for apparatus and associated methods that enable cyber-currencies to be used more effectively.
In a granted United States patent US 9, 135, 787B1 {"Bitcoin kiosk/ATM and system integrating enrollment protocol, and method of using the same", Russell et al.) there is described a standalone Bitcoin kiosk/ ATM device including a bill (i.e. paper cash) validator, a bill dispenser, a printer, one or more scanners/readers, a touch screen display, a processor/controller and wireless Internet connection means (e.. a modem), In operation of the Bitcoin kiosk/ATM, an enrollment (UK English : "enrolment") and security protocol involves using a processor that is programmed to run executable instructions. The executable instructions enable the processor to perform following functions:
(i) to receive a given customer's telephone number via a user interface;
(ii) to transmit a text message including a random code to a mobile telephone of the given customer;
(iii) to receive a confirmation of the random code entered by the given customer via the user interface;
(iv) to receive a personal identification number (PIN) entered by the given customer via the user interface;
(v) to receive a palm vein pattern of the given customer via a biometric interface;
(vi) to receive a customer photograph via a camera; and
(vii) to receive identification data including a photograph via an ID scanner/reader.
All of (i) to (vii) above are concerned with verifying the authenticity of the given customer, when making a commercial transaction that is not based upon any central monetary authority, for example in a peer-to-peer manner.
However, it will be appreciated that the aforementioned Bitcoin kiosk/ ATM, despite the use of sophisticated security measures, is still capable of being hacked and compromised by malicious third parties. Such malicious third parties are capable
of installing eavesdropping circuits into wiring infrastructure of the aforementioned Bitcoin kiosk/ ATM, for example when the Bitcoin kiosk/ ATM is manufactured using proprietary units, for example proprietary scanners and cameras, that are connected together using a standard proprietary form of databus, for example CAN data bus. Such eavesdropping circuits enable third parties to collect sensitive data that subsequently enables the third parties to masquerade as the given customer, for example for purposes of stealing bit-coins by making false entries into a block chain. A further problem arises when Bitcoin kiosk/ATM's and similar cyber-currency apparatus is deployed at various geographical locations and there arises a need for such apparatus to be reconfigured or upgraded. A conventional approach would be to replace an older Bitcoin kiosk/ATM with a new apparatus. However, this is very wasteful on resources. Conversely, if such apparatus is to be upgraded in situ, it needs to be of modular design, such that individual modules can be exchanged or upgraded as technology evolves as a function of time. However, a modular approach of implementing a Bitcoin/ATM, for exampleas described in the US granted patent US 9, 135, 787B1, is potentially problematic in that the modules are potentially accessible to malicious third parties that can seek to eavesdrop the given customers login details.
Summary
The present disclosure seeks to provide an improved financial apparatus, system and method for providing both cash delivery and payment, with additional special capabilities of relevant communications and other communications in general, for example to increase its security against third party eavesdropping and spyware.
Moreover, the present disclosure seeks to provide a financial apparatus, system and method for facilitating processing of transaction in one or more digital currencies, such as "Bitcoin" for example, but without limitations at final assembly as to an exact form of such one or more digital currencies (namely cyber- currencies) .
Furthermore, the present disclosure seeks to provide a financial apparatus, system and method with an option to be available to a configuration agent, and/or the installing agent and/or the operator of the system. According to a first aspect, there is provided a financial apparatus, that is operable to function as a kiosk/ATM device, wherein the financial apparatus includes computing hardware for executing one or more program instructions, and a user- interface arrangement coupled in communication within the financial apparatus to the computing hardware, wherein the user- interface arrangement, in cooperation with the computing hardware, is operable to support at least one of:
(i) dispensing fiat currency notes and/or coins against debiting a user account;
(ii) receiving fiat currency notes and/or coins for crediting the user account;
(iii) performing financial transactions between cyber-currencies and fiat currencies;
(iv) playing one or more computer-based games involving fiat currency and/or cyber-currency transactions; and
(v) providing communication with support personnel and/or support avatars for assisting in financial transactions,
characterized in that:
(vi) the financial apparatus is constructed in a modular manner, for enabling one or more modules to be added, removed, and/or exchanged, wherein the one or more modules provide functionalities associated with the computing hardware and the user-interface arrangement; and
(vii) at least a subset of the one of more modules are mutually coupled and/or coupled to the computing hardware via one or more serial data communication buses.
The present invention is of advantage in that the financial apparatus is capable of providing effective user support when executing financial transactions, as well as potentially enabling for practical use of cyber-currencies in everyday financial transactions, and the financial apparatus, on account of its modular construction, is capable of being upgraded and improved in situ when in service, within compromising user security.
Optionally, in the financial apparatus, the one or more modules are provided with encryption and/or decryption algorithms for encrypting and/or decrypting data that is communicated to and/or from the one more modules, wherein the encryption and/or decryption algorithms are uniquely configured for their respective module.
Optionally, in the financial apparatus, at least a subset of the one of more modules are mutually coupled and/or coupled to the computing hardware and include encryption and obfuscation arrangements for dividing data to be communicated between the modules and/or externally from the financial apparatus into multiple parts, which are obfuscated and encrypted for communication within the financial apparatus and/or externally from the financial apparatus, wherein at least one data map is used to describe obfuscation and encryption methods applied to the data to be communicated.
More optionally, in the financial apparatus when in operation, the data after being divided into the multiple parts is firstly obfuscated and then encrypted, so that data communicated within the financial apparatus and/or externally from the financial apparatus approximates a one-time-pad encryption security standard.
More optionally, in the financial apparatus when in operation, the data after being divided into the multiple parts is firstly encrypted and then obfuscated, so that data communicated within the financial apparatus and/or externally from the financial apparatus approximates a one-time-pad encryption security standard.
Optionally, in the financial apparatus when in operation, the data communicated within the financial apparatus is supplemented with additional data for misleading third parties when eavesdropping the data communicated within the financial apparatus.
Optionally, in the financial apparatus, the user-interface arrangement includes a telephone-type handset arrangement for providing communication with other users, with support personnel and/or with support avatars for assisting in financial transactions.
Optionally, the financial apparatus includes a communication arrangement for coupling the financial apparatus to an external server arrangement, wherein the external server
arrangement is operable to couple to at least one of: one or more blockchain associated with cyber-currencies for recording transactions performed in respect of the cyber-currencies, one or more conventional fiat currency banking systems. More optionally, in the financial apparatus, the communication arrangement includes a CAT 5 Internet interface for communicating data to and from the Internet.
Optionally, in the financial apparatus, the one or more serial communication buses include a CAN bus.
Optionally, in the financial apparatus, the user-interface arrangement includes at least one of: an identity (ID) scanner/reader, a camera for imaging documents and/or a user of the financial apparatus, a printer for printing paper documents associated with transactions executed via use of the financial apparatus.
Optionally, the financial apparatus is operable to facilitate at least one of:
(i) receiving a transaction customer's mobile phone number via a screen and a programmed user interface;
(ii) displaying an access code to a transaction customer, or transmission of the access code to the transaction customer's device (for example, mobile phone, smart phone);
(iii} receiving a reflection, a retype or a reissue, of the access code by the transaction customer or transaction customer's device, thereby confirming the transaction customer's knowledge of the transaction;
(iv) user-entering a personal identification number (PIN number);
(v) receiving a photograph of a transaction customer via an installed camera of the financial apparatus;
(vi) receiving a palm scan, an iris scan, a facial vein scan or other biometric data from an installed scanner/reader of the financial apparatus;
(vii) VoIP oral and/or video communication with customer support personnel and/or an automated avatar; and
(vii) assessing a transaction customer's identity and customer specification/requirements (for example, customer credit worthiness).
Optionally, in the financial apparatus, the user-interface arrangement includes an interface for communicating with a user mobile communication device (for example, user's smart phone), wherein the user mobile communication device is operable to cooperate with the financial apparatus for providing at least one of:
(i) further verification of the user of the financial apparatus;
(ii) additional user input of information to the financial apparatus for supporting one or more transactions implemented by using the financial apparatus; and
(iii) providing a digital confirmation of transactions executed for the user via use of the financial apparatus.
According to a second aspect, there is provided a method of implementing a financial apparatus, that is operable to function as a kiosk/ATM device, wherein the financial apparatus includes computing hardware for executing one or more program instructions, and a user-interface arrangement coupled in communication within the financial apparatus to the computing hardware, wherein the user-interface arrangement, in cooperation with the computing hardware, is operable to support at least one of:
(i) dispensing fiat currency notes and/or coins against debiting a user account;
(ii) receiving fiat currency notes and/or coins for crediting the user account;
(iii) performing financial transactions between cyber-currencies and fiat currencies;
(iv) playing one or more computer-based games involving fiat currency and/or cyber-currency transactions; and
(v) providing communication with support personnel and/or support avatars for assisting in financial transactions,
characterized in that the method includes:
(vi) constructing the financial apparatus in a modular manner, for enabling one or more modules to be added, removed, and/or exchanged, wherein the one or more modules provide functionalities associated with the computing hardware and the user-interface arrangement; and
(vii) mutually coupling at least a subset of the one of more modules and/or coupling at least a subset of the one of more modules to the computing hardware via one or more serial data communication buses.
Optionally, the method includes:
(a) mutually coupling at least a subset of the one of more modules and/or coupling at least a subset of the one of more modules to the computing hardware; and
(b) including encryption and obfuscation arrangements for dividing data to be communicated between the modules and/or externally from the financial apparatus into multiple parts, which are obfuscated and encrypted for communication within the financial apparatus and/or externally from the financial apparatus, wherein at least one data map is used to describe obfuscation and encryption methods applied to the data to be communicated.
More optionally, the method includes, after dividing the data into the multiple parts, firstly obfuscating the data to generate obfuscated data, and then encrypting the obfuscated data for being communicated, so that data communicated within the financial apparatus and/or externally from the financial apparatus approximates a one- time-pad encryption security standard.
More optionally, the method includes, after dividing the data into the multiple parts, firstly encrypting the data to generate encrypted data, and then obfuscating the encrypted data for being communicated, so that data communicated within the financial apparatus and/or externally from the financial apparatus approximates a one- time-pad encryption security standard.
Optionally, the method includes supplementing data communicated within the financial apparatus with additional data for misleading third parties when eavesdropping the data communicated within the financial apparatus.
Optionally, the method includes arranging for the user-interface arrangement to include a telephone-type handset arrangement for providing communication with other users, with support personnel and/or with support avatars for assisting in financial transactions.
Optionally, the method includes arranging for the financial apparatus to include a communication arrangement for coupling the financial apparatus to an external server arrangement, wherein the external server arrangement is operable to couple to at least one of: one or more blockchain associated with cyber-currencies for recording
transactions performed in respect of the cyber-currencies, one or more conventional fiat currency banking systems.
More optionally, the method includes arranging for the communication arrangement to include a CAT 5 Internet interface for communicating data to and from the Internet.
Optionally, the method includes arranging for one or more serial communication buses to include a CAN bus. Optionally, the method includes arranging for the user-interface arrangement to include at least one of: an identity (ID) scanner/reader, a camera for imaging documents and/or a user of the financial apparatus, a printer for printing paper documents associated with transactions executed via use of the financial apparatus. Optionally, the method includes arranging for the financial apparatus to be operable to facilitate at least one of:
(i) receiving a transaction customer's mobile phone number via a screen and a programmed user interface;
(ii) displaying an access code to a transaction customer, or transmission of the access code to the transaction customer's device (for example, mobile phone, smart phone);
(iii} receiving a reflection, a retype or a reissue, of the access code by the transaction customer or transaction customer's device, thereby confirming the transaction customer's knowledge of the transaction;
(iv) user-entering a personal identification number (PIN number);
(v) receiving a photograph of a transaction customer via an installed camera of the financial apparatus;
(vi) receiving a palm scan, an iris scan, a facial vein scan or other biometric data from an installed scanner/reader of the financial apparatus;
(vii) VoIP oral and/or video communication with customer support personnel and/or an automated avatar; and
(vii) assessing a transaction customer's identity and customer specification/requirements (for example, customer credit worthiness).
Optionally, the method includes arranging for the user-interface arrangement to include an interface for communicating with a user mobile communication device (for example, user's smart phone), wherein the user mobile communication device is operable to cooperate with the financial apparatus for providing at least one of:
(i) further verification of the user of the financial apparatus;
(ii) additional user input of information to the financial apparatus for supporting one or more transactions implemented by using the financial apparatus; and
(iii) providing a digital confirmation of transactions executed for the user via use of the financial apparatus.
According to a third aspect, there is provided computer program products comprising a non-transitory computer-readable storage medium having computer-readable instructions stored thereon, characterized in that the computer-readable instructions is executable by a computerized device comprising processing hardware to execute a method of the second aspect.
According to a fourth aspect, there is provided a system including a plurality of financial apparatus of the first aspect, coupled via a data communication arrangement to a server arrangement, characterized in that the system is operable to facilitate at least one of:
(i) one or more cyber-currency transactions and/or one or more fiat currency transactions between at least a sub-set of the financial apparatus and/or with the server arrangement;
(ii) one or more gaming interactions between at least a subset of the plurality of financial apparatus; and
(iii) mutual communication between users of the plurality of financial apparatus and/or with personnel and/or automated avatars of the server arrangement.
Optionally, the system is coupled to at least one fiat currency transaction establishment and/or at least one cyber-currency establishment for enabling at least one:
(a) transactions in one or more fiat currencies;
(b) transactions in one or more cyber-currencies, and
(c) transactions between one or more fiat currencies and one or more cyber- currencies.
More optionally, in the system when in operation, data communicated within the system for one or more of the transactions is implemented using obfuscated and encrypted data portions, whose security standard approaches that of a one-time-pad.
According to a fifth aspect, there is provided a hardware device for use with the financial apparatus of the first aspect, characterized in that the hardware device is couplable to the financial apparatus for exchanging data therewith, and the hardware device includes data processing hardware for applying one of more data transformations to data processed through the hardware device, and wherein the one or more data transformations are hard wired into the hardware device and not readable by interrogating the hardware device.
Optionally, the hardware device is provided in a form of a fob that is couplable via a user interface to the financial apparatus when implementing a financial transaction. Optionally, the hardware device is individually customized in respect its owner. More optionally, the hardware device, when used with the financial apparatus, is verifiable in respect of bio-credentials of its owner.
It will be appreciated that features of the invention are susceptible to being combined in various combinations without departing from the scope of the invention as defined by the appended claims.
Description of the diagrams
Embodiments of the present disclosure will now be described, by way of example only, with reference to the following diagrams wherein :
FIG. 1A to FIG. 1C are schematic illustrations of a financial apparatus, namely a kiosk/ATM device, also known as a "digital vending machine", and its associated system, according to an embodiment of the present disclosure;
FIG. 2 is a schematic illustration of a rear view of the financial apparatus of
FIGs. 1A, IB and 1C, according to an embodiment of the present disclosure;
FIG. 3 is a schematic illustration of modules of the financial apparatus of FIGs.
1A, IB and 1C, namely kiosk/ ATM, of the present disclosure;
FIG. 4 is an illustrative outline of the financial apparatus of FIGs. 1A, IB and 1C, namely kiosk/ATM, of the present disclosure, wherein access panels are shown;
FIG. 5A is an illustration of an exemplary financial apparatus, namely kiosk/ ATM device, design of the type which is usable to implement embodiments of the present disclosure;
FIG. 5B is an illustration of a connection arrangement employed in the financial apparatus of FIG. 5A; and
FIG. 6 Is an illustration of a network support for the financial apparatus, namely kiosk/ATM devices, FIGs. 1A, IB and 1C.
In the accompanying diagrams, an underlined number is employed to represent an item over which the underlined number is positioned or an item to which the underlined number is adjacent. A non-underlined number relates to an item identified by a line linking the non-underlined number to the item. When a number is non-underlined and accompanied by an associated arrow, the non-underlined number is used to identify a general item at which the arrow is pointing .
Description of embodiments of the disclosure
In overview, embodiments of the present disclosure concern financial apparatus that are user-operable to perform financial transactions, for example financial transactions concerning one or more of: fiat currency transactions, cyber-currency transactions, user verification/validation, gaming transactions. The financial apparatus is conveniently, for example, implemented as a Kiosk/Terminal/ATM device, also known as a "digital vending machine" (DVM).
Pursuant to the present disclosure, associated with one or more of such financial apparatus, is an associated system; for example, in FIG. IB, there is illustrated a plurality of financial apparatus 10 linked via data communication network connection arrangements 80 to a client/server relationship system 100 that in turn interfaces to a financial institution (for example, a national bank). Moreover, the financial apparatus in operation employs methods that facilitate transactions of one or more currencies, for example transactions between cyber-currencies and fiat currencies, as well as communications relevant to those transactions or separate communications; for example, the financial apparatus enables a user to
convert a portion of his/her account expressed in bitcoins to a fiat currency that is then dispensed from the financial apparatus. Likewise, the financial apparatus is operable to enable a user of the financial apparatus to provide fiat currency to the financial apparatus that subsequently according updates the user's bitcoin account, based upon a prevailing exchange rate between bitcoins and the fiat currency. The financial apparatus is operable to implement data communications within the financial apparatus in a highly secure manner, as will be elucidated in greater detail later, as well as data communications from the financial apparatus to its associated system, as illustrated in FIG. IB. The secure communications implemented within the financial apparatus assists to prevent third-party unauthorized eavesdropping, but nevertheless enables the financial apparatus to be implemented in a modular manner that allows for in situ upgrades and modifications to the modules. Thus, optionally, the financial apparatus is manufactured from proprietary modular units, to achieve a low cost of production and ease of future upgrading.
When considering FIG. IB, a malicious third party desiring to hack into the financial apparatus 10, the data communication network connection arrangements 80, and the client/server relationship system 100 would firstly try to find a weakest link in such a configuration, and then secondly devise a strategy to attack the configuration . The client/server relationship system 100 is typically protected by many layers of professional firewalls and is difficult to penetrate. The data communication network connection arrangements 80 are often trunk data connections that carry huge volumes of data and are difficult for a malicious third party to monitor and analyse, unless equipped with huge computing resources. However, the financial apparatus 10 are deployed in large numbers, for example hundreds or thousands of kiosks, often in geographical locations that are not frequented by persons for many hours each day. As a result, malicious third parties will be tempted to try to hack the financial apparatus 10. Moreover, service personnel that are contracted to maintain the financial apparatus 10, for example exchange paper rolls therein, clean or repair the financial apparatus 10, will become familiar with the financial apparatus 10 and therefore such personnel are more easily capable of providing information regarding the financial apparatus 10 to malicious third parties. Thus, the financial apparatus 10 potentially represents a weakest region of the configuration for hackers.
In FIG. IB, the financial apparatus is operable to employ internally a serial data communication protocol to increase its security of operation; optionally, the communication protocol is a standard protocol, for example CAN bus, that is used by many contemporary equipment manufacturers. Alternatively, the financial apparatus is operable to employ internally a standard serial data bus, together with one or more additional data control lines for use in controlling data flows occurring between modules within the financial apparatus. For example, depending upon signals communicated via the one or more additional data control lines, data pertaining to financial transactions is fragmented and the resulting fragments are communicated internally within the financial apparatus via a plurality of different data routes between modules of the financial apparatus. Optionally, the fragments are communicated at mutually different times within the financial apparatus to make it even harder for a malicious third party to eavesdrop on sensitive data communicated within the financial apparatus. Thus, if a third party were to try to eavesdrop on a single data connection within the financial apparatus, or to try to substitute an eavesdropping unit is substitution for one of the modules, it would be almost impossible to reconstitute sensitive data relating to a user of the financial apparatus. More optionally, the data communication protocol is encrypted, for example by employing a combination of data fragmentation, obfuscation of resulting data fragments and thereafter encryption of the obfuscated data fragments, namely approaching a "one-time-pad", so that it is substantially impossible for an unauthorized third part to hack into the financial apparatus for eavesdropping, or otherwise corrupting operation of the financial apparatus. Similar considerations pertain to communication to and from the financial apparatus to its associated system, wherein such communication is beneficially encrypted and/or obfuscated, for example also approaching a "one-time-pad" degree of data security. A given person, in general, potentially employs an 'ATM' (advanced teller machine) when paying into an account or receiving money from an account, wherein money is debited or credited in respect of the account, as appropriate. Optionally, the given person is provided with a hardware encoding device that the given user is able to plug into the financial apparatus when making a financial transaction. The hardware encoding device is operable to transform data that is presented thereto
in operation, to provide corresponding transformed data back to the financial apparatus, wherein the transformation provided by the hardware encoding device is not directly readable from the hardware device. For example, the hardware encoding device is a custom integrated circuit, for example a programmable gate logic array (PGLA) or an application-specific integrated circuit (ASIC), in which the transformation is implemented within integrated connections of the custom integrated circuit and therefore not susceptible to being interrogated by malicious third parties. Optionally, the hardware encoding device is provided as a USB-type fob that is inserted by the given person into a USB socket interface provided on the financial apparatus. Optionally, the hardware encoding device is operable both to encrypt and then obfuscate data, wherein such obfuscation is implemented by swapping bits or nibbles of data bytes of encrypted data in a manner known to the financial apparatus or pursuant to a data-map that is accessible to the financial apparatus. Alternatively, optionally, the hardware encoding device is operable to encrypt data, wherein such encryption is implemented using a robust encryption algorithm, for example PKI or similar in a manner known to the financial apparatus or pursuant to a data-map that is accessible to the financial apparatus. Alternatively, optionally, the hardware encoding device is operable to obfuscate data, wherein such obfuscation is implemented by swapping bits or nibbles of data bytes of encrypted data in a manner known to the financial apparatus or pursuant to a data-map that is accessible to the financial apparatus.
Embodiments of the present disclosure relate to financial apparatus, and also to systems including such financial apparatus and methods of operating the financial apparatus and system, for executing transactions in fiat currencies, as well as cyber-currencies; in contradistinction, contemporary ATM's are often only designed to dispense and allow transactions in conventional fiat currencies. The financial apparatus of embodiments of the present disclosure is capable of making use of cyber-currencies more practical in everyday life, by providing a practical approach to transfer of financial consideration associated with commercial transactions, namely "buying" and "selling". Moreover, the present disclosure is also concerned with technical methods of operating the financial apparatus, and is not primarily concerned with methods of doing business (that are excluded from patentability in many parts of the World, as such).
Embodiments of the present disclosure involve both hardware and software elements, wherein details of construction and operation of the elements are elucidated more comprehensively below; the elements are required for constructing and operating the financial apparatus, namely a kiosk/ ATM, according to the embodiments of the present disclosure. As will be appreciated by a person skilled in the art, aspects of the present disclosure may be implemented as a system, a method or a computer program product (namely, a software product). Accordingly, aspects of the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, micro-code, and so forth), or an embodiment involving a combination of both software and hardware. Furthermore, aspects of the present disclosure may take a form of a computer program product embodied in one or more computer readable mediums having computer readable program code embodied thereon.
An example embodiment of the present disclosure is illustrated in FIG. 1A to FIG. 4, wherein a financial apparatus, implemented as a standalone kiosk/ATM device, namely a "digital vending machine" (DVM), is indicated generally by 10. The financial apparatus 10 includes a plurality of modular elements, for example proprietary "off-the-shelf standard electronics modules, that are mutually coupled together via secure encrypted data communication pathways within the financial apparatus 10, namely to avoid unauthorized third parties from trespassing into the financial apparatus 10 to try to corrupt operation of the financial apparatus 10, for example eavesdropping on communications occurring in operation within the financial apparatus 10 for purposes of phishing for sensitive data. The secure encrypted data communication pathways are implemented in a manner in which it would be very difficult for a malicious eavesdropping third party to obtain information regarding financial transactions being implemented in operation in the financial apparatus. In particular, the secure data communication hardware optionally has following characteristics:
(i) data communication via the data pathways between the modules of the financial apparatus is performed in a serial manner;
(ii) additional non-standard control lines are used to control such serial communication in (i);
(iii) data communication via the pathways is implemented using encrypted data, obfuscated data, or data that has been encrypted and then obfuscated (namely approaching a "one-time-pad");
(iv) data communication via the pathways is performed wherein given data to be communicated is fragmented and then communicated as separate fragments through different pathways and at different times through the pathways, for example pursuant to a pre-defined pattern;
(v) modules implementing the secure data communication hardware are implemented as standard proprietary modules that have been adapted (for example re-programmed and/or hardware reconfigured) to function in the financial apparatus 10.
Such a high degree of security is not typically employed in known Bitcoin- kiosks/ATM's, because it is conventionally assumed that a malicious third party would not attempt to infiltrate within such Bitcoin-kiosks/ATM's for data eavesdropping purposes.
The aforesaid modular elements of the .financial apparatus 10 include:
(i) a note and/or coin validator 20 (namely a fiat currency, for example USD, GBP, note and/or coin validator); such a validator 20 includes optical imaging sensors, note feed mechanisms and local microprocessor control of note scanning; it will be appreciated that the local microprocessor control is programmed to provide data to other modules of the financial apparatus 10 in a secure manner using a plurality of data communication pathways, as described in the foregoing;
(ii) a note and/or coin dispenser 30 (namely a fiat currency, for example USD, GBP) note and/or coin dispenser); such a dispenser 30 includes mechanical note feed components as well as local microprocessor control; it will be appreciated that the local microprocessor control is programmed to provide data to other modules of the financial apparatus 10 in a secure manner using a plurality of data communication pathways, as described in the foregoing;
(iii) a printer 40 (for printing out receipts, account balances, and other information that may be useful to users of the apparatus 10); optionally, such a printer 40 is a thermal printer, an inkjet printer, a laser printer, or
similar; optionally, the printer 40 has a processor control local thereto, wherein it will be appreciated that the local microprocessor control is programmed to provide data to other modules of the financial apparatus 10 in a secure manner using a plurality of data communication pathways, as described in the foregoing;
I one or more scanners/readers 50 (for example a camera device for capturing images of documents, images of users of the apparatus, images of fiat currency notes and/or coins being dispensed from or received into the apparatus 10, and similar); optionally, the one or more scanners/readers 50 have a processor control local thereto, wherein it will be appreciated that the local microprocessor control is programmed to provide data to other modules of the financial apparatus 10 in a secure manner using a plurality of data communication pathways, as described in the foregoing ;
a touch screen display 60 (for example, for user input of data, user selections and similar); optionally, the touch screen display 60 is implemented as a LCD or OLED panel display with adjacent tactile keyboard for data entry, or by way of a tactile-sensitive overlay onto a LCD or OLED panel display; optionally, the touch screen display 60 has a processor control local thereto, wherein it will be appreciated that the local microprocessor control is programmed to provide data to other modules of the financial apparatus 10 in a secure manner using a plurality of data communication pathways, as described in the foregoing;
) a principal processor/controller 70 of the financial apparatus 10, for example for coordinating operation of the modular elements 20 to 60, and a data communication network connection arrangement 80, for example an Internet connection arrangement, so that the principal processor/controller 70 is operable to send and receive data from a system that is external to the financial apparatus 10; optionally, communication via the an Internet connection arrangement 80 is implemented in a highly secure manner, for example by employing a combination of encryption and obfuscation algorithms; and
i) a telephonic handset or similar 90 for use by users of the financial apparatus 10 to communicate with personnel of the aforesaid system, and/or with an automated avatar supported from the principal processor/controller 70
and/or from the aforesaid system; again, as described in the foregoing, a processor control of the telephonic handset or similar 90 is provided with encryption and/or obfuscation of data generated therein, so that it is not practically possible for malicious third parties to eavesdrop on communication made by a given customer via the telephonic handset or similar 90; and
(viii) a USB or similar serial communication bus interface 95 that is externally accessible to a given user of the financial apparatus 10, for example for coupling a USB hardware device 98 that is customized to the given user and verifiable in respect of bio-credentials of the given user. Optionally, the serial communication bus interface 95 is implemented wirelessly, for example by employing a Bluetooth® or similar protocol.
The financial apparatus 10 optionally includes other elements, for example 3-D readers (for example for capturing a 3-D image of a given user's face for verification purposes when executing a financial transaction using the financial apparatus 10, an uninterruptable power supply (UPS) including rechargeable batteries, an anti-tampering alarm arrangement as well as immobilizing anchoring to prevent the financial apparatus 10 in its entirety being physically removed and stolen for its fiat currency contents. Optionally, the financial apparatus 10 has an external casing that is fabricated from Boron-hardened stainless steel panel, although less-expensive implementations are possible, for example using reinforced composite components, plastics material components and such like. Optionally, the external casing of the financial apparatus 10 is provided with sensors for detecting potential tampering by malicious third parties, for example when trying to install eavesdropping hardware into the financial apparatus 10.
The data communication connection arrangement 80, for example a TCP/IP Internet connection arrangement, is optionally implemented by employing a modem (for example a serial modem), a "wi-fi" wireless interface, a wired interface connection, and similar. Within the financial apparatus 10, there is internally employed, for example, interconnections via serial bus, for example contemporary DB-9 CAN bus. Moreover, when interfacing to a data communication network 80, the financial apparatus 10 conveniently employs a contemporary CAT5/Ethernet connection; for example, a CAT5/4-port or CAT5/CAN bridge is optionally employed when implementing the financial apparatus 10. The financial apparatus
10 optionally employs TCP/IP, as aforementioned, when communicating externally via the Internet; however, as described in the foregoing, the financial apparatus 10 optionally employs obfuscation and encryption of data communicated via the Internet to avoid eavesdropping and corruption by third parties. Such obfuscation and encryption involves steps of:
(i) dividing given data D into a plurality of data portions, P(l) to P(n), and recording how the division of the given data D is executed in a data map M;
(ii) swapping one or more bytes between the data portions P(l) to P(n) to provide corresponding obfuscated data portions Q( l ) to Q(n) respectively, and recording such data swaps in the data map M; such swaps are conveniently implemented using a XOR function to process data portions whose data is to be swapped; and
(iii) encrypting the data map M and encrypting one or more of the obfuscated portions Q( l ) to Q(n), and aggregating corresponding encrypted data to generate output encrypted data E for communicating via the data communication network 80.
When received, the output encrypted data E is processed to recover the given data D by performing an inverse of the steps (i) to (iii) above, namely:
(a) decrypting the data map M from the output encrypted data E, and also decrypting the obfuscated portions Q( l ) to Q(n) from the output encrypted data E;
(b) using information in the data map M to perform reverse swaps of data between the obfuscated portions Q( l ) to Q(n) to regenerate the data portions P(l) to P(n); and
(c) using information in the data map M to combine the regenerate data portions P(l) to P(n) together to regenerate the given data D.
It will be appreciated that the steps (i) to (iii), likewise (a) to (c), for data security are beneficially implemented, at least in part, within hardware of the financial apparatus 10, and/or within a hardware device that a given customer of the financial apparatus 10 couples to the financial apparatus 10 when attempting to perform a financial transaction using the financial apparatus 10; for example, as illustrated in FIG. 1A, the hardware of the financial apparatus 10 is provided via a hardware device 98 that is couplable by the given customer to the financial apparatus 10 via a serial communication bus interface 95. The hardware device
98 is optionally customized to the given customer and verifiable against bio- credentials obtained by the financial apparatus 10 when interacting, in operation, with the given user; malicious third parties would realize that, in attempting to hack the financial apparatus 10 in person, would be recorded and stored in the process of the financial apparatus 10 sensing such bio-credentials. Moreover, it will also be appreciated that the steps (i) to (iii), likewise (a) to (c), are beneficially performed using serial communication of data via serial data communication pathways that include additional control lines for controlling such serial flow of data. The additional control lines are, for example, additional to a standard contemporary known type of serial communication bus, for example a serial CAN bus.
In the foregoing, it will be appreciated that fiat currencies include, for example "USD", namely an abbreviation for US dollar, "GBP", namely an abbreviation for United Kingdom pound sterling, Euros and similar. The apparatus 10, namely a kiosk/ATM device, via use of its aforementioned processor/controller is operable to run software programs and/or games (when functioning as an entertainments system such as providing "one armed bandit", "fruit machine" or casino-type game playing functionality), and accumulate information from users, for example customers, for use by such programs and/or games, whilst simultaneously managing one or more of:
(a) one or more currency transactions (for example fiat currency and/or cyber- currency transactions);
(b) one or more customer support enquiries (for example via a video conference facilitated via voice-over-Internet-Protocol (VoIP) or similar);
(c) providing telephonic support as required or programmed to be available, for example for customers who require personal assistance with their financial transactions and who may potentially be unfamiliar with advanced technology devices, for example elderly non-computer-savvy people; and (d) telephone services, for example VoIP, video conferencing with an assistant, and similar, as required (namely "on demand") or programmed to be available (for example, certain types of financial transaction automatically opens a video link for providing personal assistance, in a manner of personal assistance at a counter of an ordinary bank).
The apparatus 10 is operable to employ a transaction protocol that involves use of a processor that is programmed to run executable program instructions, wherein the executable program instructions cause the processor to facilitate receipt of one or more of a customer's:
(i) mobile telephone number (for example via data entry at a touch screen of the apparatus 10);
(ii) a photograph (for example, a scan of a given user of the apparatus 10 at a time at which a given transaction is implemented using the apparatus 10 (for example a photograph of the given user's face for authorization, identification and/or verification purposes),
(iii) identity information (such as performing a passport or identity card scan),
(iv) an e-mail address of the given user (for example, via data entry facility at the screen of the apparatus 10 (for example, for transactions to be logged as output)); and
(v) such other information as may be required for a given transaction to be executed, (and, as required in a given jurisdiction, for example palm print, via a palm reader/scanner or any other form of biometric identification, for example iris scan). Optionally, the financial apparatus 10 includes one or more biometric sensors for sensing a biological characteristic (namely "bio-credentials") of a given customer of the financial apparatus 10, for authenticating an identity of the given customer. Such one or more biometric sensors optionally includes at least one of: a fingerprint sensor, a palm sensor, a facial sensor (for example, using a 3-D camera to obtain 3-dimensional (3-D) spatial relief information of the given customer's face), a DNA sensor (for example via sweat, sputum, or hair analysis), an audio sensor (for example, a microphone linked to a Fourier spectrum analyzer for determining acoustic parameters of a vocal tract of the given customer), an eye retinal imaging sensor (for example, for imaging retinal information of the given customer),
Optionally, the given data D and/or the encrypted data E is padded with additional padding data which is intended to mislead any third party trying to extract data from the output encrypted data E, for example the padding data includes bogus invalid bank account numbers and bogus financial transactions; this additional padded data potentially confuses a malicious third party that seeks to eavesdrop
upon data communications of the financial apparatus 10. Such additional padded data is beneficially communicated between internal modules of the financial apparatus 10 to frustrate eavesdropping by a malicious third party However, the data map M will include information indicative of the padding data and/or a format of the padding data is defined a priori in the system, for example via an earlier data exchange between the financial apparatus 10 and its associated system, see FIG. IB.
Next, operation of the financial apparatus 10 will be described in overview. The aforementioned protocol hosted by the financial apparatus 10 is operable to issue a text message to a given user's mobile phone, or an e-mail message to an e-mail address of the given user, or to display a code for the given user's scanner/mobile phone/tablet computer for the scanner/mobile phone/tablet computer itself to perform scanning and processing functions, for example for purposes of providing validation of user identity when performing a financial transaction using the financial apparatus 10, namely kiosk/ATM device. Such operation allows data input functionality of the financial apparatus 10 to be enhanced by communicating via user's personal communication devices, for example smart phones. Such smart phones are usefully pre-loaded with one or more software applications, namely "apps", that enable the smart phones to function cooperatively with the financial apparatus 10 to enhance a functionality of the financial apparatus 10, for example to use a camera of the smart phone for imaging documents and/or providing images of the user for user-verification purposes. Optionally, the smart phones are implemented to include a key store implemented in memory hardware that is not readable by subsequent software applications loaded into the smart phones, wherein keys stored in the memory hardware can be used to decrypt, encrypt or authenticate data flowing to and from the mobile telephones, thereby improving data security when communicating with the mobile telephones. The memory hardware is beneficially supplied with key information at initial power-up of the smart phones (for example when first operated by their owners), before any software applications are installed in the mobile telephones. Such an approach makes it very difficult for spyware from malicious third parties to gain access to sensitive customer data.
In operation of the financial apparatus 10, upon processing of the given user's input, namely customer input, via either the screen, keyboard, the user's mobile phone (via a "wifi" data communication connection with from the user's smart telephone to the financial apparatus 10, for example via contemporary BlueTooth communication ("BlueTooth" is a registered trade mark™), the financial apparatus 10 acknowledges the data input via the screen, via sending a text message, via sending an e-mail, or voice synthesis interface of the financial apparatus 10 (for example, helpful when the user is visually handicapped, for example the user is blind) as is necessary to enable a given method of delivery; contingent upon such output being correctly acknowledged by the user (namely customer), the financial apparatus 10 proceeds with a cash or electronic funds transfer as directed by the user, and at the end of such a transaction process, the user is either issued with some currency in exchange for some currency available to the financial apparatus 10 for that transaction, or the financial apparatus 10 receives some currency from the user via, for example, a note and/or coin acceptor; such currency includes, for example, use of a cyber-currencies, as aforementioned, as well as fiat currencies; for example, cyber-currency funds can be entered digitally via the financial apparatus 10, for example as a specific sequence of characters, for example numbers. Next, amendment of "the value of the currency in respect of the account specified by the user (namely customer account) occurs; in an event that one or more of these processes fails, the user (namely customer) is not debited or credited, as appropriate, does not receive any issued currency, and is informed as to the failure by a message issued by the financial apparatus 10. For example, in an event that the user is desirous to withdraw from the financial apparatus 10 notes of a fiat currency, for example ten $100 (USD) bills (notes) in exchange for sale of a bitcoin submitted as data into the financial apparatus 10, the financial apparatus 10 communicates via the data communication network arrangement 80, for example the Internet or a proprietary secure data communication network, to a blockchain server that records transfers of bitcoins from one person to another; in an event of interrogation of the blockchain confirming that sale of the bitcoin is permitted and bona fide, the financial apparatus 10 is operable to dispense the ten $100 (USB) bills (notes) to the user. If required, the user can receive audio/video interactive support via the financial apparatus 10 with a human operator, or with a synthesized avatar, when performing such transaction via the financial apparatus 10, namely kiosk/ATM device. However, embodiments
of the present disclosure are not limited to blockchain-based cyber-currencies, and can operate with other token-based cyber-currencies, wherein the tokens are capable of representing a flow of consideration that occurs in any financial transaction.
In one example embodiment of the present disclosure, there is provided a standalone financial apparatus 10, namely kiosk/ATM device, including at least one of following elements:
(i) one or more fiat note and/or coin acceptors, namely "bill validate";
(ii) one or more note and/or coin dispensers, namely 'cash dispenser' (note:
UK English expression here);
(iii) one or more printers, for providing printed paper receipts, account balances, transaction records and such like;
(iv) one or more lens arrangements and associated optical sensor arrangements (for example, "one or more cameras'" for capturing images of user- presented documents, images of the user's face for identification and validation purposes, as well as potentially images of thieves and vandals who may attempt to attack, vandalize or otherwise tamper in an unauthorized manner with the financial apparatus 10);
(v) one or more image pixel display screens (for example, a touch-screen for image presentation and user tactile (or touch proximity) input of information to the financial apparatus 10);
(vi) a computing arrangement, that is operable to provide data processing capabilities in a form of a processor/controller system;
(vii) an external communication arrangement, for providing in operation a communications capability with an external data communication network
(for example, "the internet"); and
(viii) a telephonic handset of similar for enabling users to have oral and/or video communication with a system supporting the financial apparatus 10, and/or other users that are coupled in communication to the system and/or to the financial apparatus 10.
As aforementioned, the financial apparatus 10 conveniently includes an external frame/case, for example a robust metal or plastics material frame/case, with wiring coordination. Optionally, the case/frame is equipped with tamper sensors
that enables the financial apparatus 10 to sense unauthorized tampering and to alert supervisors responsible for the financial apparatus 10 that tampering may have potentially occurred; in such case, the financial apparatus 10 optionally switches to a test investigative mode to check integrity of its module elements, to ensure that none of them have been replaced or compromised in any way. Moreover, the financial apparatus 10, when implemented as a standalone device, optionally includes other components such as a local, internal, reserve power supply, as aforementioned, for example a proprietary modular commercial UPS. The computing arrangement locally optionally has one or more processors and/or logic systems, and includes the external communications arrangement as part of its set of functions and connections.
In operation, the standalone financial apparatus 10 facilitates purchase or sale of one or more fiat currencies and/or cyber-currencies by:
(i) permitting a user to deposit traditional fiat currency (for example, GBP sterling);
(ii) reading/photographing via use of a digital image capture arrangement a code related to a 'digital account' for receiving a given purchased currency;
(iii) confirming that the standalone financial apparatus 10 has sufficient reserves to deliver either the purchased currency or tokens, or obtain such currency or tokens in a short period of time (for example, in a range of one to two minutes, 15 minutes in the case of large quantities of bitcoin in order to allow sufficient time for bitcoin blockchain verification by third parties, as per contemporary Bitcoin principles of operation);
(iv) validating the user's identity for verification, regulatory and/or administrative purposes, at least as to an extent required by an administration of a geographical location at which the financial apparatus 10 is spatially located in and equivalently, but not exclusively, to an extent required by a government of a territory in which the financial apparatus 10 is operated in (for example, "Federal Government' within the U.S.A."); and
(v) enabling one or more voice and/or data communications concurrently or as separate quanta of time, but as parts of a transaction (for example, "user support/voice input" for performing one or more financial transactions).
Other variations, embodiments and features of the present invention will become evident from the following detailed description, drawings and claims.
In embodiments of the present disclosure, any combination of one or more computer readable media may be utilized for storing computer instructions necessary for implementing the aforementioned financial apparatus 10 and its associated system. The computer readable media may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing . More specific examples (a non- exhaustive list) of the computer readable storage medium includes one or more of:
(a) an electrical and/or optical connection having one or more wires and/or fibres (for example delay lines);
(b) a portable computer diskette;
(c) a hard disk of a hard disk drive data memory,
(d) a random access memory (RAM), for example electronic solid state data memory;
(e) a read-only memory (ROM); and
(f) an erasable programmable read-only memory (EPROM or Flash memory).
The financial apparatus 10 includes computing hardware that is operable to execute computer program code instructions for carrying out aforementioned financial transactions, and other user-selected functions, for example communication between users, gaming activities involving a plurality of users and financial rewards for winners of the gaming activities, and such like. The computer program code instructions may be written, for example, in any combination of one or more programming languages, including an object oriented programming language such as: Java, Smalltalk, C++ or the like or conventional procedural programming languages, such as the "C" programming language, AJAX, PHP, HTM L, XHTML, Ruby, CSS or similar programming languages; the names of such computer languages includes trade marks™. Alternatively, customer computer languages and associated customer compilers are used for generating program code instructions for controlling operation of the financial apparatus 10.
Programming code, namely executable program code instructions, employed in conjunction with making the financial apparatus 10 function, is optionally configured as a software application, an operating system, as part of a system firmware, or any suitable combination thereof; as aforementioned, in order to enhance security within the financial apparatus 10, namely for data exchanges between modules housed within the financial apparatus 10, data exchanges within the financial apparatus 10 are beneficially performed in a serial data-flow manner, with additional control lines being provided for managing such serial data communication . In other words, when designing the financial apparatus 10, a use of parallel databases for interconnecting the modules of the financial apparatus 10 is preferably avoided . Moreover, data exchanges within the financial apparatus 10 are beneficially performed using fragmented data communicated at a plurality of different times and/or via a plurality of pathways, for example different serial bus wires, and then reconstituted at a given module of the financial system 10 whereat the exchanged data is to be used . Such an approach makes it extremely difficult for a malicious third party to try to eavesdrop upon operating communication occurring within the financial apparatus 10. The programming code is optionally executed entirely on a given user's computer, for example where an embodiment of the financial apparatus 10 is implemented on the user's smart phone, laptop or tablet computer (for example for providing personal portable banking services), partly on the user's computer, or as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on a remote computer, as described in the foregoing . Yet alternatively, the programming code is optionally implemented on a server as in a client/server relationship system 100 (sometimes contemporarily known as "cloud computing" ', although conventional real clouds are condensed water in high atmosphere and are not themselves capable of performing computer instructions). In such a "cloud computing" scenario, a remote computer is optionally connected to a given user's computer through any type of data communication network, including a local area network (LAN) or a wide area network (WAN), or the connection is optionally made to an external computer (for example, through the Internet using an Internet Service Provider, via TCP/IP or similar).
It will be appreciated that embodiments of the present disclosure employ computer program instructions, for example computer program instructions provided to a processor of a general purpose computer, a special purpose computer, or other programmable data processing arrangement to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the foregoing.
These computer program instructions may also be stored in a computer readable medium that can direct a computer, other programmable data processing apparatus, or other devices to function in a particular manner, such that the instructions stored in the computer readable medium produce an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block or blocks.
The computer program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer-implemented process such that the instructions which execute on the computer or other programmable apparatus provide processes for implementing functions of the financial apparatus 10. As used herein, a "terminal" should be understood to be any one of a general purpose computer, as for example a personal computer or a laptop computer, a client computer configured for interaction with a server, a special purpose computer such as a server, or a smart phone, soft phone, tablet computer, personal digital assistant or any other machine that is operable to execute programmable instructions as aforementioned.
The server arrangement 100, that is spatially remote from the financial apparatus 10, see FIG. IB, is operable to function as an intelligent hub. The server arrangement 100 is operable to interface, when required, to a plurality of such financial apparatus 10, and also to financial services structures, for example Bitcoin blockchain, international banking systems (namely, conventional fiat currency backbone systems, for example well-known banks), other cyber- currency systems and such like.
It will be appreciated that the financial apparatus 10 is capable of having its functionality extended, by way of its operating system being modified, by either local addition of a code/data "driver" or remotely via a "plug-in" (provided via a data communication network, for example the data communication arrangement 80) with control and data traffic over such a network as required to achieve the functions of a desired device. Such a functionality enables remote servicing support to be provided to the financial apparatus 10, for example for coping with equipment failure within the financial apparatus 10, or for extending its functionality, or for selectively deactivating portions of the financial apparatus 10 in an event that tampering by unauthorized third parting has been detected (for example substitution of a fiat currency note scanner of the financial apparatus 10 with a false unit that mimics receipt of fiat currency notes). Optionally, the financial apparatus 10 is operable to employ for each financial transaction implemented therethrough a unique encryption algorithm, for example by using a unique transaction key for each financial transaction that is performed, to frustrate malicious third party hackers. Moreover, optionally, each financial apparatus 10 is provided with its own unique set of encryption algorithms, such that a malicious third party hacking one given financial apparatus 10 would not be able to export hacking results to use for hacking another of the financial apparatus 10. Optionally, each module of a given financial apparatus 10 is provided with its own unique encryption algorithm to prevent malicious third parties from breaking into a given financial apparatus 10 and merely substituting one module for an eavesdropped corresponding module of substantially mutually similar functional properties.
Modifications to embodiments of the invention described in the foregoing are possible without departing from the scope of the invention as defined by the accompanying claims. Expressions such as "including", "comprising", "incorporating", "consisting of", "have", "is" used to describe and claim the present invention are intended to be construed in a non-exclusive manner, namely allowing for items, components or elements not explicitly described also to be present. Reference to the singular is also to be construed to relate to the plural . Numerals included within parentheses in the accompanying claims are intended to assist
understanding of the claims and should not be construed in any way to limit subject matter claimed by these claims.
Claims
1. A financial apparatus (10), that is operable to function as a kiosk/ATM device, wherein the financial apparatus (10) includes computing hardware (70) for executing one or more program instructions, and a user-interface arrangement (20, 30, 40, 50, 60) coupled in communication within the financial apparatus (10) to the computing hardware (70), wherein the user-interface arrangement (20, 30, 40, 50, 60), in cooperation with the computing hardware (70), is operable to support at least one of:
(i) dispensing fiat currency notes and/or coins against debiting a user account;
(ii) receiving fiat currency notes and/or coins for crediting the user account;
(iii) performing financial transactions between cyber-currencies and fiat currencies;
(iv) playing one or more computer-based games involving fiat currency and/or cyber-currency transactions; and
(v) providing communication with support personnel and/or support avatars for assisting in financial transactions,
characterized in that:
(vi) the financial apparatus (10) is constructed in a modular manner, for enabling one or more modules to be added, removed, and/or exchanged, wherein the one or more modules provide functionalities associated with the computing hardware (70) and the user-interface arrangement (20, 30, 40, 50, 60); and
(vii) at least a subset of the one of more modules are mutually coupled and/or coupled to the computing hardware (70) via one or more serial data communication buses.
2. A financial apparatus (10) of claim 1, characterized in that the one or more modules are provided with encryption and/or decryption algorithms for encrypting and/or decrypting data that is communicated to and/or from the one more modules, wherein the encryption and/or decryption algorithms are uniquely configured for their respective module.
3. A financial apparatus (10) of claim 1 or 2, characterized in that at least a subset of the one of more modules are mutually coupled and/or coupled to the
computing hardware (70) and include encryption and obfuscation arrangements for dividing data to be communicated between the modules and/or externally from the financial apparatus (10) into multiple parts, which are obfuscated and encrypted for communication within the financial apparatus (10) and/or externally from the financial apparatus (10), wherein at least one data map is used to describe obfuscation and encryption methods applied to the data to be communicated.
4. A financial apparatus (10) of claim 3, characterized in that the data after being divided into the multiple parts is firstly obfuscated and then encrypted, so that data communicated within the financial apparatus (10) and/or externally from the financial apparatus (10) approximates a one-time-pad encryption security standard.
5. A financial apparatus (10) of claim 3 or 4, characterized in that the data after being divided into the multiple parts is firstly encrypted and then obfuscated, so that data communicated within the financial apparatus (10) and/or externally from the financial apparatus (10) approximates a one-time-pad encryption security standard.
6. A financial apparatus (10) of claim 1, 2, 3, 4 or 5, characterized in that the data communicated within the financial apparatus (10) is supplemented with additional data for misleading third parties when eavesdropping the data communicated within the financial apparatus (10).
7. A financial apparatus (10) of any one of claims 1 to 6, characterized in that the user-interface arrangement includes a telephone-type handset arrangement (90) for providing communication with other users, with support personnel and/or with support avatars for assisting in financial transactions.
8. A financial apparatus (10) of any one of claims 1 to 7, characterized in that the financial apparatus (10) includes a communication arrangement (80) for coupling the financial apparatus (10) to an external server arrangement (100), wherein the external server arrangement (100) is operable to couple to at least one of: one or more blockchain associated with cyber-currencies for recording
transactions performed in respect of the cyber-currencies, one or more conventional fiat currency banking systems.
9. A financial apparatus (10) of claim 8, characterized in that the communication arrangement (80) includes a CAT 5 Internet interface for communicating data to and from the Internet.
10. A financial apparatus (10) of any one of claims 1 to 9, characterized in that the one or more serial communication buses include a CAN bus.
11. A financial apparatus (10) of any one of the preceding claims, characterized in that the user-interface arrangement (20, 30, 40, 50, 60) includes at least one of: an identity (ID) scanner/reader, a camera for imaging documents and/or a user of the financial apparatus (10), a printer for printing paper documents associated with transactions executed via use of the financial apparatus (10).
12. A financial apparatus (10) of any one of the preceding claims, characterized in that the financial apparatus (10) is operable to facilitate at least one of:
(i) receiving a transaction customer's mobile phone number via a screen and a programmed user interface;
(ii) displaying an access code to a transaction customer, or transmission of the access code to the transaction customer's device (for example, mobile phone, smart phone);
(iii} receiving a reflection, a retype or a reissue, of the access code by the transaction customer or transaction customer's device, thereby confirming the transaction customer's knowledge of the transaction;
(iv) user-entering a personal identification number (PIN number);
(v) receiving a photograph of a transaction customer via an installed camera of the financial apparatus (10);
(vi) receiving a palm scan, an iris scan, a facial vein scan or other biometric data from an installed scanner/reader of the financial apparatus (10);
(vii) VoIP oral and/or video communication with customer support personnel and/or an automated avatar; and
(vii) assessing a transaction customer's identity and customer specification/requirements (for example, customer credit worthiness).
13. A financial apparatus (10) of any one of the preceding claims, characterized in that the user-interface arrangement (20, 30, 40, 50, 60) includes an interface for communicating with a user mobile communication device (for example, user's smart phone), wherein the user mobile communication device is operable to cooperate with the financial apparatus (10) for providing at least one of:
(i) further verification of the user of the financial apparatus (10);
(ii) additional user input of information to the financial apparatus (10) for supporting one or more transactions implemented by using the financial apparatus (10); and
(iii) providing a digital confirmation of transactions executed for the user via use of the financial apparatus (10).
14. A method of implementing a financial apparatus (10), that is operable to function as a kiosk/ATM device, wherein the financial apparatus (10) includes computing hardware (70) for executing one or more program instructions, and a user-interface arrangement (20, 30, 40, 50, 60) coupled in communication within the financial apparatus (10) to the computing hardware (70), wherein the user- interface arrangement (20, 30, 40, 50, 60), in cooperation with the computing hardware (70), is operable to support at least one of:
(i) dispensing fiat currency notes and/or coins against debiting a user account;
(ii) receiving fiat currency notes and/or coins for crediting the user account;
(iii) performing financial transactions between cyber-currencies and fiat currencies;
(iv) playing one or more computer-based games involving fiat currency and/or cyber-currency transactions; and
(v) providing communication with support personnel and/or support avatars for assisting in financial transactions,
characterized in that the method includes:
(vi) constructing the financial apparatus (10) in a modular manner, for enabling one or more modules to be added, removed, and/or exchanged, wherein the one or more modules provide functionalities associated with the computing hardware (70) and the user-interface arrangement (20, 30, 40, 50, 60); and
(vii) mutually coupling at least a subset of the one of more modules and/or coupling at least a subset of the one of more modules to the computing hardware (70) via one or more serial data communication buses.
15. A method of claim 14, characterized in that the method includes providing the one or more modules with encryption and/or decryption algorithms for encrypting and/or decrypting data that is communicated to and/or from the one more modules, wherein the encryption and/or decryption algorithms are uniquely configured for their respective module.
16. A method of claim 14 or 15, characterized in that the method includes: (a) mutually coupling at least a subset of the one of more modules and/or coupling at least a subset of the one of more modules to the computing hardware (70); and
(b) including encryption and obfuscation arrangements for dividing data to be communicated between the modules and/or externally from the financial apparatus (10) into multiple parts, which are obfuscated and encrypted for communication within the financial apparatus (10) and/or externally from the financial apparatus (10), wherein at least one data map is used to describe obfuscation and encryption methods applied to the data to be communicated .
17. A method of claim 16, characterized in that the method includes, after dividing the data into the multiple parts, firstly obfuscating the data to generate obfuscated data, and then encrypting the obfuscated data for being communicated, so that data communicated within the financial apparatus (10) and/or externally from the financial apparatus (10) approximates a one-time-pad encryption security standard .
18. A method of claim 16, characterized in that the method includes, after dividing the data into the multiple parts, firstly encrypting the data to generate encrypted data, and then obfuscating the encrypted data for being communicated, so that data communicated within the financial apparatus (10) and/or externally from the financial apparatus (10) approximates a one-time-pad encryption security standard.
19. A method of claim 14, 15, 16, 17 or 18, characterized in that the method includes supplementing data communicated within the financial apparatus (10) with additional data for misleading third parties when eavesdropping the data communicated within the financial apparatus (10).
20. A method of any one of claims 14 to 19, characterized in that the method includes arranging for the user-interface arrangement to include a telephone-type handset arrangement (90) for providing communication with other users, with support personnel and/or with support avatars for assisting in financial transactions.
21. A method of any one of claims 14 to 20, characterized in that the method includes arranging for the financial apparatus (10) to include a communication arrangement (80) for coupling the financial apparatus (10) to an external server arrangement (100), wherein the external server arrangement (100) is operable to couple to at least one of: one or more blockchain associated with cyber-currencies for recording transactions performed in respect of the cyber-currencies, one or more conventional fiat currency banking systems.
22. A method of claim 21, characterized in that the method includes arranging for the communication arrangement (80) to include a CAT 5 Internet interface for communicating data to and from the Internet.
23. A method of any one of claims 14 to 22, characterized in that the method includes arranging for one or more serial communication buses to include a CAN bus.
24. A method of any one of claims 14 to 23, characterized in that the method includes arranging for the user-interface arrangement (20, 30, 40, 50, 60) to include at least one of: an identity (ID) scanner/reader, a camera for imaging documents and/or a user of the financial apparatus (10), a printer for printing paper documents associated with transactions executed via use of the financial apparatus (10).
25. A method of any one of claims 14 to 24, characterized in that the method includes arranging for the financial apparatus (10) to be operable to facilitate at least one of:
(i) receiving a transaction customer's mobile phone number via a screen and a programmed user interface;
(ii) displaying an access code to a transaction customer, or transmission of the access code to the transaction customer's device (for example, mobile phone, smart phone);
(iii} receiving a reflection, a retype or a reissue, of the access code by the transaction customer or transaction customer's device, thereby confirming the transaction customer's knowledge of the transaction;
(iv) user-entering a personal identification number (PIN number);
(v) receiving a photograph of a transaction customer via an installed camera of the financial apparatus (10);
(vi) receiving a palm scan, an iris scan, a facial vein scan or other biometric data from an installed scanner/reader of the financial apparatus (10);
(vii) VoIP oral and/or video communication with customer support personnel and/or an automated avatar; and
(vii) assessing a transaction customer's identity and customer specification/requirements (for example, customer credit worthiness).
26. A method of any one of claims 14 to 25, characterized in that the method includes arranging for the user-interface arrangement (20, 30, 40, 50, 60) to include an interface for communicating with a user mobile communication device (for example, user's smart phone), wherein the user mobile communication device is operable to cooperate with the financial apparatus (10) for providing at least one of:
(i) further verification of the user of the financial apparatus (10);
(ii) additional user input of information to the financial apparatus (10) for supporting one or more transactions implemented by using the financial apparatus (10); and
(iii) providing a digital confirmation of transactions executed for the user via use of the financial apparatus (10).
27. A computer program products comprising a non-transitory computer- readable storage medium having computer-readable instructions stored thereon, characterized in that the computer-readable instructions is executable by a computerized device comprising processing hardware (70) to execute a method of any one of claims 14 to 26.
28. A system (10, 100) including a plurality of financial apparatus (10) of any one of claims 1 to 13, coupled via a data communication arrangement (80) to a server arrangement (100), characterized in that the system (10, 100) is operable to facilitate at least one of:
(i) one or more cyber-currency transactions and/or one or more fiat currency transactions between at least a sub-set of the financial apparatus (10) and/or with the server arrangement (100);
(ii) one or more gaming interactions between at least a subset of the plurality of financial apparatus (10); and
(iii) mutual communication between users of the plurality of financial apparatus (10) and/or with personnel and/or automated avatars of the server arrangement (100).
29. A system (10, 100) of claim 28, characterized in that the system (10, 100) is coupled to at least one fiat currency transaction establishment and/or at least one cyber-currency establishment for enabling at least one :
(a) transactions in one or more fiat currencies;
(b) transactions in one or more cyber-currencies, and
(c) transactions between one or more fiat currencies and one or more cyber- currencies.
30. A system of claim 29, characterized in that data communicated within the system (10, 100) for one or more of the transactions is implemented using obfuscated and encrypted data portions, whose security standard approaches that of a one-time-pad.
31. A hardware device (98) for use with the financial apparatus (10) of any one of claims 1 to 12, characterized in that the hardware device is couplable to the financial apparatus (10) for exchanging data therewith, and the hardware device
(98) includes data processing hardware for applying one of more data transformations to data processed through the hardware device (98), and wherein the one or more data transformations are hard wired into the hardware device (98) and not readable by interrogating the hardware device (98) .
32. A hardware device (98) of claim 31, characterized in that the hardware device (98) is provided in a form of a fob that is couplable via a user interface to the financial apparatus (10) when implementing a financial transaction.
33. A hardware device (98) of claim 31 or 32, characterized in that the hardware device (98) is individually customized in respect its owner.
34. A hardware device (98) of claim 33, characterized in that the hardware device (98), when used with the financial apparatus (!O), is verifiable in respect of bio-credentials of its owner.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB1522464.5 | 2015-12-19 | ||
GB1522464.5A GB2545509A (en) | 2015-12-19 | 2015-12-19 | Financial apparatus and method |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2017102098A1 true WO2017102098A1 (en) | 2017-06-22 |
Family
ID=55311293
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2016/025180 WO2017102098A1 (en) | 2015-12-19 | 2016-12-16 | Financial apparatus and method |
Country Status (2)
Country | Link |
---|---|
GB (1) | GB2545509A (en) |
WO (1) | WO2017102098A1 (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111127020A (en) * | 2019-12-31 | 2020-05-08 | 深圳市网心科技有限公司 | Transaction data confusion method based on block chain and related equipment |
US10666793B1 (en) | 2018-02-19 | 2020-05-26 | Wells Fargo Bank, N.A. | Secure call center communications |
CN113593140A (en) * | 2021-07-09 | 2021-11-02 | 浪潮金融信息技术有限公司 | Bank note distribution method, system and medium for financial self-service equipment |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7309004B1 (en) * | 2002-12-26 | 2007-12-18 | Diebold Self-Service Systems, Division Of Diebold, Incorporated | Cash dispensing automated banking machine firmware authentication system and method |
US20100299265A1 (en) * | 2007-04-17 | 2010-11-25 | Hypercom Corporation | Methods and systems for security authentication and key exchange |
US20100310069A1 (en) * | 2008-12-09 | 2010-12-09 | Wincor Nixdorf International Gmbh | System and method for secure communication of components inside self-service automats |
US20130262303A1 (en) * | 2012-03-27 | 2013-10-03 | Ebay Inc. | Secure transactions with a mobile device |
US9135787B1 (en) * | 2014-04-04 | 2015-09-15 | Mark Russell | Bitcoin kiosk/ATM device and system integrating enrollment protocol and method of using the same |
-
2015
- 2015-12-19 GB GB1522464.5A patent/GB2545509A/en not_active Withdrawn
-
2016
- 2016-12-16 WO PCT/EP2016/025180 patent/WO2017102098A1/en active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7309004B1 (en) * | 2002-12-26 | 2007-12-18 | Diebold Self-Service Systems, Division Of Diebold, Incorporated | Cash dispensing automated banking machine firmware authentication system and method |
US20100299265A1 (en) * | 2007-04-17 | 2010-11-25 | Hypercom Corporation | Methods and systems for security authentication and key exchange |
US20100310069A1 (en) * | 2008-12-09 | 2010-12-09 | Wincor Nixdorf International Gmbh | System and method for secure communication of components inside self-service automats |
US20130262303A1 (en) * | 2012-03-27 | 2013-10-03 | Ebay Inc. | Secure transactions with a mobile device |
US9135787B1 (en) * | 2014-04-04 | 2015-09-15 | Mark Russell | Bitcoin kiosk/ATM device and system integrating enrollment protocol and method of using the same |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10666793B1 (en) | 2018-02-19 | 2020-05-26 | Wells Fargo Bank, N.A. | Secure call center communications |
US11233897B1 (en) | 2018-02-19 | 2022-01-25 | Wells Fargo Bank, N.A. | Secure call center communications |
CN111127020A (en) * | 2019-12-31 | 2020-05-08 | 深圳市网心科技有限公司 | Transaction data confusion method based on block chain and related equipment |
CN111127020B (en) * | 2019-12-31 | 2023-09-15 | 深圳市迅雷网络技术有限公司 | Transaction data confusion method based on blockchain and related equipment |
CN113593140A (en) * | 2021-07-09 | 2021-11-02 | 浪潮金融信息技术有限公司 | Bank note distribution method, system and medium for financial self-service equipment |
Also Published As
Publication number | Publication date |
---|---|
GB201522464D0 (en) | 2016-02-03 |
GB2545509A (en) | 2017-06-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11455862B2 (en) | Devices for gaming | |
US11948419B2 (en) | Devices for gaming | |
US8836473B2 (en) | Dynamic keypad and fingerprinting sequence authentication | |
US8910861B2 (en) | Automatic teller machine (“ATM”) including a user-accessible USB port | |
US20140156535A1 (en) | System and method for requesting and processing pin data using a digit subset for subsequent pin authentication | |
JP2010522933A (en) | Payment system and payment method using IC identification card | |
US20100123003A1 (en) | Method for verifying instant card issuance | |
JP4890774B2 (en) | Financial transaction system | |
KR102168335B1 (en) | Method of and system for gaming | |
WO2014108916A1 (en) | A computer implemented system and method for cashless and cardless transactions | |
WO2017102098A1 (en) | Financial apparatus and method | |
TWI753243B (en) | Shared automation equipment cash deposit and withdrawal service system | |
JP4999288B2 (en) | Automatic transaction equipment | |
JP2008071199A (en) | Transaction system, management information processor, operation information processor, and processing method | |
JP2019106003A (en) | Terminal device, automatic teller machine, transfer processing method, and program | |
US11941596B1 (en) | Electronic banking facility | |
RU2507588C2 (en) | Method of improving security of automated payment system | |
JP2006011919A (en) | Unauthorized trading reporting system | |
JP2016042672A (en) | Settlement system | |
TWM582642U (en) | Shared automation equipment for cash deposit and withdrawal service system | |
CN118447631A (en) | P0S machine information security protection system | |
Beer et al. | 1 st automated cash dispenser to be installed in Australia was at Double Bay branch of The Commercial Banking Co of Sydney Limited. | |
JP2008158866A (en) | Automatic transaction device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 16819443 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 16819443 Country of ref document: EP Kind code of ref document: A1 |