EP2359316A2 - Authentication of documents having a magnetic stripe - Google Patents

Authentication of documents having a magnetic stripe

Info

Publication number
EP2359316A2
EP2359316A2 EP09828284A EP09828284A EP2359316A2 EP 2359316 A2 EP2359316 A2 EP 2359316A2 EP 09828284 A EP09828284 A EP 09828284A EP 09828284 A EP09828284 A EP 09828284A EP 2359316 A2 EP2359316 A2 EP 2359316A2
Authority
EP
European Patent Office
Prior art keywords
expansion coefficients
document
card
magnetic stripe
received
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP09828284A
Other languages
German (de)
French (fr)
Other versions
EP2359316A4 (en
Inventor
Xiang Fang
Patrick Faith
Craig Kato
Ayman Hammad
Krishan Prasad Koganti
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Visa International Service Association
Original Assignee
Visa International Service Association
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US12/276,227 external-priority patent/US9027831B2/en
Priority claimed from US12/276,212 external-priority patent/US7967203B2/en
Priority claimed from US12/276,095 external-priority patent/US8118220B2/en
Priority claimed from US12/276,224 external-priority patent/US8104677B2/en
Application filed by Visa International Service Association filed Critical Visa International Service Association
Publication of EP2359316A2 publication Critical patent/EP2359316A2/en
Publication of EP2359316A4 publication Critical patent/EP2359316A4/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/08Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code using markings of different kinds or more than one marking of the same kind in the same record carrier, e.g. one marking being sensed by optical and the other by magnetic means
    • G06K19/10Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code using markings of different kinds or more than one marking of the same kind in the same record carrier, e.g. one marking being sensed by optical and the other by magnetic means at least one kind of marking being used for authentication, e.g. of credit or identity cards
    • G06K19/12Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code using markings of different kinds or more than one marking of the same kind in the same record carrier, e.g. one marking being sensed by optical and the other by magnetic means at least one kind of marking being used for authentication, e.g. of credit or identity cards the marking being sensed by magnetic means

Definitions

  • Embodiments of the present invention relate generally to authenticating a document having a magnetic stripe, and more specifically to authenticating a unique magnetic characteristic of a card (e.g. a credit card). Embodiments of the present invention also relate generally to verifying the identity of a cardholder, and more specifically to using a unique magnetic characteristic of a card (e.g. a credit card) to verify the cardholder identity.
  • a unique magnetic characteristic of a card e.g. a credit card
  • One method for verifying the authenticity of a card uses certain magnetic characteristics of the magnetic stripe to identify cards.
  • the magnetic stripes of individual cards possess inherent, substantially unique, magnetic characteristics (often referred to as a fingerprint or signature).
  • This fingerprint is related to a noise-like component that results from the manufacturing process of the magnetic stripe.
  • Fraud can also occur when a card has been stolen or otherwise misappropriated. In these cases, it is desirable to confirm that the identity of the person using the card is indeed the cardholder of record.
  • Embodiments of the present invention provide methods, systems, and apparatus for efficiently authenticating a document (e.g. a credit card) having a magnetic stripe.
  • a document e.g. a credit card
  • the magnetic field at different points of the magnetic stripe is measured, e.g., by a checkout scanner to create a magnetic signature.
  • digital samples of the measurements are transformed into coefficients of continuous basis functions, e.g., a Fourier transform. These coefficients are then compared (e.g. by a credit card processing entity) to reference coefficients to produce a measure of the authenticity of the document.
  • the number of coefficients used can be smaller than the number of digital samples without compromising accuracy, thus using less bandwidth between a scanner and an authentication entity. Problems associated with mis-alignment of digital samples may also be overcome.
  • Embodiments of the present invention may also provide methods, systems, and apparatus for verifying the identity of a cardholder.
  • a digital representation of a magnetic characteristic of a magnetic stripe of the card is stored on a portable electronic device of the cardholder.
  • the digital signature is then transmitted so that it can be compared with a reference signature on file.
  • an authentication device receives a set of expansion coefficients corresponding to a set of continuous basis functions.
  • the expansion coefficients are based on digital samples of an analog signal representative of the magnetic characteristic.
  • the received expansion coefficients are compared to reference expansion coefficients. Based on the comparison, a measure of an authenticity of the document is provided.
  • a processor of a computing device receives a plurality of digital samples of an analog signal representative of the magnetic characteristic. Based on the digital samples, the processor calculates a set of expansion coefficients corresponding to a set of continuous basis functions. At least a portion of the expansion coefficients are sent to an authentication device that compares the portion of the calculated expansion coefficients to reference expansion coefficients to obtain a measure of the authenticity of the document.
  • the reference signature can be updated, e.g. periodically over time or in response to other factors.
  • the new magnetic signature can be compared to a combination of previously received magnetic signatures.
  • these previously received magnetic signature used in the combination were deemed authentic or had a high probability of being authentic.
  • the effective reference signature may advantageously be in a state that accurately reflects the current state of the authentic magnetic stripe.
  • an authentication device receives a set of values representing the magnetic characteristic.
  • the received values are compared to reference values.
  • the comparing includes determining an error for each received value, wherein each error includes a sum of contributions, each corresponding to a different set of previously received values representing the magnetic characteristic. Based on the comparison, a measure of an authenticity of the document is provided.
  • the reference values e.g. for the digital samples or the transform coefficients
  • a portable device for verifying an identity of a cardholder during a transaction involving a card.
  • a memory stores a digital representation of a distinct magnetic characteristic of a magnetic stripe of the card, where the magnetic characteristic occurs over one or more predetermined segments of the magnetic stripe.
  • Input logic receives a request for verification of the identify of the cardholder.
  • Output logic transmits the digital representation to another electronic device in response to receiving the request.
  • the digital representation may be used by the another electronic device, or another device further upstream to verify the identity of the cardholder.
  • a method of verifying an identity of a cardholder during a transaction involving a card is provided.
  • a request for verification of the identify of the cardholder is received at a portable electronic device of the cardholder.
  • a memory of the portable electronic device that stores a digital representation of a distinct magnetic characteristic of a magnetic stripe of the card is accessed.
  • the digital representation is transmitted to another electronic device in response to receiving the request.
  • a method of verifying an identity of a cardholder during a transaction involving a card is provided.
  • a system of an entity associated with an issuer of the card receives a digital representation of a distinct magnetic characteristic of a magnetic stripe of the card.
  • the association may be that the system is run by or communicates with the issuer.
  • the system may process payments for the issuer of the card.
  • the digital representation is sent from a portable electronic device of the cardholder in response to a request for identity verification.
  • the system compares the digital representation to a reference representation. Based on the comparison, a response to the verification request is sent to a requesting device that made the request for the identity verification.
  • a continuous function is a function for which small changes in the input result in small changes in the output.
  • a continuous function that spans a segment has non-zero values for at least a plurality of points along the segment.
  • the cosine function may have a zero at a particular point of the segment (depending on the offset used), the cosine function is defined throughout all space and has non-zero values for other points.
  • FIG. 1A shows a document 100 including a magnetic stripe 105 according to an embodiment of the present invention.
  • FIG. 1 B shows a scanner 120 according to an embodiment of the present invention.
  • FIG. 1 C shows an analog signal 150 obtained from a magnetic read head according to an embodiment of the present invention.
  • FIG. 2 shows a plot 200 of an analog signal 205 that may be sampled to create a magnetic signature of a document according to an embodiment of the present invention.
  • FIG. 3A is a plot 300 of a LDCT basis function according to an embodiment of the present invention.
  • FIG. 3B is a histogram 350 of the expansion coefficients of a representation of a magnetic signature according to an embodiment of the present invention.
  • FIG. 4 is a flowchart of a method 400 for authenticating a document having a magnetic stripe according to an embodiment of the present invention.
  • FIG. 5 is a plot 500 showing a determination of a threshold according to an embodiment of the present invention.
  • FIG. 6 shows a block diagram of a method for authenticating a document according to an embodiment of the present invention.
  • FIG. 7 is a histogram 700 showing a score distribution of a simulation using a bit-by-bit comparison of binary numbers obtained from digital samples of the magnetic signature.
  • FIG. 8 is a histogram 800 showing a score distribution of a simulation where scores are calculated according to an embodiment of the present invention.
  • FIG. 9 shows an exemplary system 20 according to an embodiment of the invention.
  • FIG. 10 shows components or subsystems of a computer apparatus that may be used to perform or be parts of embodiments of the present invention.
  • FIG. 11 is a flowchart of a method 100 for authenticating a document having a magnetic stripe using a portable device according to an embodiment of the present invention.
  • FIG. 12 shows a block diagram of one type of portable consumer device according to an embodiment of the present invention.
  • FIG. 13 is a flowchart of a method for identifying the identity of a cardholder according to an embodiment of the present invention.
  • Embodiments of the present invention provide methods, systems, and apparatus for efficiently authenticating a document (e.g. a credit card) having a magnetic stripe.
  • a document e.g. a credit card
  • the magnetic field at different points of the magnetic stripe are measured, e.g., by a checkout scanner to create a magnetic signature.
  • digital samples of the measurements are transformed into coefficients of continuous basis functions, e.g., a Fourier transform. These coefficients are then compared (e.g. by a credit card processing entity) to reference coefficients to produce a measure of the authenticity of the document.
  • the number of coefficients used can advantageously be smaller than the number of digital samples without compromising accuracy, thus using less bandwidth between a scanner and an authentication entity.
  • the digital samples of the measurements can then be represented in any number of suitable ways, e.g. a binary number or coefficients of continuous basis functions, such as a Fourier transform. These coefficients are then compared (e.g. by a credit card processing entity) to reference coefficients to produce a measure of the authenticity of the document. Reference values (for the digital samples or the transform coefficients) may be based (e.g. optimized) on recent measurements of the authenticated document to provide a more accurate determination of authenticity for future measurements.
  • FIG. 1A shows a document 100 including a magnetic stripe 105 according to an embodiment of the present invention.
  • the document 100 is a card having a plastic substrate 110.
  • Consumer information 115 such as an account number, expiration date, and consumer name may be printed or embossed on the card.
  • Document 100 may include, for example, smart cards, ordinary credit or debit cards, and stored value cards.
  • Information in the magnetic stripe may be in the form of data tracks that are traditionally associated with credits cards.
  • such tracks include Track 1 and Track 2.
  • Track 1 International Air Transport Association
  • Track 2 American Banking Association
  • Track 1 International Air Transport Association
  • Track 2 American Banking Association
  • the card When used for a transaction (e.g. a purchase), the card is swiped though a scanner, for example, at a point of sale terminal.
  • the scanner obtains an account identifier (such as a credit card number), which is then sent for authorization of the purchase, e.g., to a payment processing network as described below.
  • an account identifier such as a credit card number
  • data recorded on the card may be copied to a different card.
  • FIG. 1 B shows a scanner 120 according to an embodiment of the present invention.
  • the scanner may include a channel 125 for guiding a swipe of the card.
  • a magnetic read head 130 senses magnetic fields in the magnetic stripe of the card and creates an electric (analog) signal based on the sensed magnetic fields.
  • the magnetic fields may be the result of data (e.g., a "1" or a "0") recorded on the magnetic stripe.
  • An analog-to-digital converter 135 samples the analog signal at periodic intervals and creates a digital value based on the analog value at the sample values.
  • the digital values may be in binary form or in any other base number (e.g. decimal or base 5).
  • a processor 140 receives the digital values and processes them to create a representation of the magnetic characteristic (signature).
  • the representation includes digital values corresponding to specific points of the card.
  • the points are two dimensional regions of the magnetic stripe.
  • the representation includes expansion coefficients of continuous basis functions, as will be described later.
  • the processor 140 is communicably coupled with a network interface 145 that can be communicably coupled with an external device (e.g. an authentication device) for comparing the representation (e.g. the expansion coefficients) to a reference representation (e.g. values from an original scan of the card). In another embodiment, the processor 140 can perform the comparing.
  • the processor 140 may be part of or be a computing device that determines a magnetic signature of the document. Also, the processor 140 may be enclosed in a separate housing from any scanning device.
  • FIG. 1C shows an analog signal 150 obtained from a magnetic read head according to an embodiment of the present invention.
  • the Y (vertical) axis is the voltage of the analog signal, which corresponds to a strength and/or direction of a magnetic field created by a small part of the magnetic stripe.
  • the X (horizontal) axis is time. The time does correspond to a particular part of the magnetic card. Which particular part of the card that the time corresponds depends on the swipe speed of the card.
  • the line 170 denotes a reference voltage, which may be zero or any other value or polarity.
  • the peaks 155 and 160 correspond to data that has been written onto the magnetic stripe (e.g. a bit of the account number).
  • the space between the peaks is relatively flat and includes noise 165, which may be used as a magnetic signature of the card.
  • U.S. Pat. No. 6,098,881 issued to Deland et al. is directed to using "relatively flat" portions representative of the remnant noise characteristics of the stripe that are located between magnetic transitions to authenticate individual documents. Noise on top of the recorded data may also be used, but this may be more difficult to separate.
  • the noise 165 in the space may be amplified by an amplifier in the read head 130, between the read head and the ADC 135, or in the ADC. This extra amplification may be triggered to occur in between the data peaks 155 and 160. Typically the data peaks 155 and 160 are sampled and turned into bits of 0 or 1.
  • the digital samples of the noise 165 may be binary, decimal, or any other base number.
  • the noise 165 in the magnetic stripe is the result of the manufacturing process.
  • magnetic particles are laid down essentially in a random orientation.
  • different parts of the stripe will have different levels of magnetism, prior to writing data onto the cards, thereby providing a signature for that specific card.
  • a magnetic signature may be taken from one or more predetermined segments of the card. For example, spaces in between multiple data bits may be used. Each space may be used as a separate signature, or as components of the same signature.
  • FIG. 2 shows a plot 200 of an analog signal 205 that may be sampled to create a magnetic signature of a document according to an embodiment of the present invention.
  • the Y axis is the voltage of the analog signal
  • the X axis is time. The time does correspond to a particular part of the magnetic card and depends on the swipe speed of the card.
  • the line 270 is a reference voltage, which is marked as zero.
  • a sensed magnetism in one direction causes a positive voltage
  • a sensed magnetism in another direction provides a negative voltage (relative to the reference voltage 270).
  • the analog signal 205 is sampled at periodic intervals, e.g., by the ADC 135.
  • Points 210 show points at which a digital sample is taken.
  • the point 210(1 ) of the analog signal results in a zero value.
  • increases from point 210(1 ) create a positive sample value, and decreases result in a negative sample value.
  • the point 210(2) receives a value of 1 and the point 210(3) receives a value of 2.
  • the values could be 5 and 9, respectively, depending on the maximum and minimum digital values to be used.
  • the digital values may then be processed, e.g. by processor 140, to determine a representation for the magnetic characteristic.
  • a representation would be simply using the digital sample values themselves. However, the number of sample values may be very large.
  • the representation would look at several sample values over a range.
  • a range may be from 210(1 ) to 210(5), and an average of the values could be used to determine a new value for that range.
  • the new value could be a binary value. In such an instance, the binary value in this case would most likely be 1.
  • the digital sample values are taken as points of a function F(Xi), where Xi is a sample point.
  • the function F(Xi) is then expressed as a series (expansion) of basis functions G(Xi), e.g., continuous basis functions (such as sines or cosines), providing
  • the expansion coefficients C K may then be used as the representation of the magnetic characteristic in the functional space of G.
  • the basis functions G are of a same family, such as Legendre polynomials, Fourier functions (e.g., plane waves and sines/cosines), wavelets, and other like continuous functions.
  • the basis functions Gk(X) provide a Fourier expansion, e.g. using sines or cosines.
  • the expansion coefficients may then be obtained by taking a Fourier transform of the sample points, thus converting the real space representation to a Fourier space representation.
  • An advantage of such a representation is that alignment of the values of the representation would not be as tightly required relative to the reference representation. For example, an oscillating waveform would have the same Fourier components even if it is shifted by an amount in real space.
  • basis functions such as wavelet, fast Fourier transform (FFT), local Fourier transforms, and polynomials.
  • the basis functions may be orthogonal or non- orthogonal. In one embodiment, the basis functions will span the entire space that the sample values cover. Fourier basis functions are such a type of function as they may represent any non-zero function throughout any range.
  • the basis functions G may include a window cut off function.
  • a window function may be used to localize the continuous basis functions to a certain segment of real space (e.g. distance along the magnetic stripe). This may be desirable depending on the type of transform or expansion that is used.
  • LDCT local discrete cosine transforms
  • expansion coefficients If the number of basis functions is less than the number of sample points, then a fitting algorithm (such as a least squares optimization) may be used to determine the expansion coefficients.
  • a fitting algorithm such as a least squares optimization
  • a DCT Discrete Cosine Transform
  • a good information concentration property which means that most of the digital information tends to be concentrated in a few coefficients of the DCT.
  • Such a transform can approach the Karhunen-Loeve transform, which is optimal in the de-correlation sense.
  • digital information can be represented with a fewer bits.
  • a digital signal can be more easily transformed into a different domain without any effective loss of information. This is in part because adding more functions necessarily provides greater accuracy in the representation.
  • the cosine function based orthogonal transform transforms data into a domain where its information is represented as frequencies.
  • FIG. 3A is a plot 300 of a LDCT basis function according to an embodiment of the present invention.
  • the basis function is continuous, and it is local (not strictly zero) over a particular range.
  • the outer envelope 310 of the oscillating function 320 may be defined by the window cutoff function B.
  • the cutoff function B causes the function to be zero or effectively zero (very small) outside of a window, which would coincide with the segment for the magnetic characteristic.
  • These basis functions may be used to represent a particular segment of a magnetic signature or all of the segments of a signature.
  • FIG. 3B is a histogram 350 of the expansion coefficients of a representation of a magnetic signature according to an embodiment of the present invention.
  • the Y axis is the value of each coefficient.
  • the X axis is the index value of the expansion coefficient.
  • the histogram 350 is often called a spectrum, particularly when oscillating basis functions are used (such as sines and cosines).
  • fewer expansion coefficients C than sample points A are used to represent the magnetic characteristic. For example, 128 sample bits may be used, but only 32 expansion coefficients may be used for the representation of the signature. However, the 32 expansion coefficients still describe the magnetic characteristic over the entire range of the signature. In one aspect, the lowest K expansion coefficients are sent. The spectrum of the representation is said to be 32 since this is the number of basis functions used to represent the signature.
  • An advantage of using coefficients of basis functions is that the magnetic signature may be represented more accurately and/or using less numerical values, than does a bit-by-bit representation of the magnetic field in a particular point of the magnetic stripe. Since less numerical values are required to be sent from a scanner to an authentication entity, the leftover bandwidth may be used for additional data. For example, a non-symmetric key (which uses more data) may be used to encrypt the data.
  • FIG. 4 is a flowchart of a method 400 for authenticating a document having a magnetic stripe according to an embodiment of the present invention.
  • the magnetic stripe has a distinct magnetic characteristic that occurs over one or more predetermined segments of the magnetic stripe.
  • the magnetic stripe of a document is scanned to create an analog signal.
  • the scanning may occur at a checkout stand using a point of transaction (POT) terminal (such as a point of sale (POS) terminal) that includes a scanner.
  • POT point of transaction
  • POS terminal may also be a POT terminal.
  • the card is swiped though the POS terminal so that a magnetic read head reads local magnetic fields as the card is being swiped.
  • a time-varying analog electrical signal which corresponds to the sensed magnetic fields, is thus created.
  • a portable device may perform the scanning.
  • the analog signal is sampled to create the digital samples.
  • the ADC 135 can sample the analog signal and create corresponding digital values.
  • the number of sample points may be made much larger than the eventual representation of the signature.
  • the digital values may fall within any range of numbers (e.g., -2 to 2, 0 to 6, etc.).
  • step 430 the digital samples of the analog signal representative of the magnetic characteristic are received at a processor, e.g. processor 140 of a computing device.
  • the processor is in a POS terminal.
  • the processor is not in the POS terminal, but still on an internal network on which the POS terminal resides.
  • the POS terminal may be connected to a processor located in the same store.
  • the processor may be remote from the POS terminal.
  • step 440 the processor calculates a plurality of expansion coefficients of a set of continuous basis functions based on the digital samples.
  • the expansion coefficients may be determined by performing a transform
  • LDCT fast Fourier transform
  • the expansion coefficients are sent to an authentication device that compares the calculated expansion coefficients to reference expansion coefficients, thereby providing a measure of the authenticity of the document.
  • the expansion coefficients are sent as part of a message (e.g. an authentication request) from a POS terminal to a payment processing network.
  • An “authentication device” may include, for example, one or more computer apparatus of a payment processing network, a server computer at an issuer of a credit card (or other document), a POS terminal, or a mobile phone.
  • the scanner can perform the transformation and send only the prescribed coefficients, which may be relatively small compared to the number of digital samples. Thus, bandwidth is advantageously saved and may be used for other purposes.
  • the authentication device receives the expansion coefficients of a set of continuous basis functions based on digital samples of an analog signal representative of the magnetic characteristic.
  • the expansion coefficients may be received as part of a message that contains data recorded on the document (card), such as an account number.
  • the message may be sent via any suitable network protocols, such as TCP, IP, HTTP, SMTP, and FTP.
  • the authentication device compares the calculated expansion coefficients to reference expansion coefficients.
  • the comparison includes a difference between each expansion coefficient and the corresponding reference coefficient. The differences may be summed, given different weights, or provided as multiple inputs to another function. In another embodiment, a difference between functions that receive the expansion coefficients and the reference coefficients is taken.
  • the authentication device may be part of the same system that creates the representation of the magnetic signature.
  • an access device such as a mobile phone may generate the representation of the magnetic signature (e.g. using a scanning device as described above) and perform the comparison to the reference signature..
  • a measure of the authenticity of the document is provided.
  • the measure is a binary result (such as authentic or not).
  • the measure is a probability score in a range (e.g. 0 to 100) with differing values providing less or more probability of the document being authentic. The measure may occur in discrete values (or categories) or in continuous values.
  • a measure providing a 0% probability of authenticity may be defined as any expansion coefficients that provide a difference greater than a specified value.
  • negative values may be used so that there is no specified minimum as to a measure of authenticity.
  • the measure may be compared to one or more threshold values.
  • the measure e.g. a score
  • a threshold is compared to determine a binary result for authenticity. For example, a probability score may be compared to a threshold; and if the score is greater, then the document is considered authentic.
  • the measure may be compared to multiple threshold values to provide discrete categories as to the level of authenticity.
  • the results of step 480 or 490 may then be used with other factors to determine a final risk level of a transaction.
  • the risk levels may be discrete (such as binary or more categories) or continuous.
  • a probability score may be combined with other factors (such as the amount of the transaction, the merchant from which the message was sent, a history of the consumer account) to provide a risk level associated with the transaction.
  • the risk level may occur in discrete values, e.g. on a scale of 1 to N (e.g. 5) or in continuous values. Any of the measures, risk levels, scores, or values may be provided or displayed to other entities (such as the consumer, a merchant, or other computers involved in the transaction).
  • the value(s) to use as threshold may be determined by analyzing the behavior of the measure (e.g. score) resulting from steps 480. In such a manner, a threshold may be chosen that can accurately differentiate between an authentic document and a non-authentic document.
  • the threshold may be a static value or it may be dynamic.
  • FIG. 5 is a plot 500 showing a determination of a threshold according to an embodiment of the present invention.
  • FIG. 5 shows two distributions 520 and 530.
  • the X axis is a score correlating the sensed representation (e.g. expansion coefficients when the method 400 is used) to the reference representation.
  • a score of 100 means a highest agreement with the reference and a 0 means a lowest agreement with the reference.
  • the Y axis relates a number of times (frequency) that a sensed card had a particular score compared to a reference representation.
  • the distributions may be calculated using a fit to the points, or may be a simple interpolation.
  • the fit may use any standard distribution functions such as a Gaussian, normal, or other suitable distribution.
  • the distribution 520 shows the distribution of scores from multiple different cards, which are not the authentic card. These scores were determined by swiping the cards through a scanner, comparing a representation of a magnetic signature, and determining the score.
  • the distribution 530 is for signatures from the authentic card. These scores were determined from multiple swipes of the authentic card through a scanner. As one can see the score is typically not 100 all of the time for different swipes of the same card, nor is the score 0 for all of the swipes of a different card.
  • a threshold method searches the best position where the overlap of two distributions is minimized. Such a threshold method may provide a compromise between false negative and false positives.
  • the false negatives are the points of distribution 530 that are to the left of the threshold line 510.
  • the false positives are the points of distribution 520 that are to the right of the threshold line 510. Since neither one of these inaccurate categorizations of the card is desirable, it is generally not good to obtain zero false negatives, only to allow more false positives, or vice versa.
  • the intersection of the two distributions is taken as a threshold, as shown in plot 500.
  • This threshold may be used as a static value for all cards of a similar type.
  • a threshold of 51 provides an accurate value given the distribution of scores to be expected for a particular type of card.
  • the threshold may also be dynamic in that a new distribution may be determined for each new data point obtained.
  • the new data points may be particular to a specific card, and thus each card would have specific distributions, and thus different thresholds.
  • all cards of the same type would start with the same threshold. But, with each new score (or every N new scores) associated with that card, the distribution would be updated and a new threshold calculated. Additionally, the reference representation of the signature may be updated periodically as new scores are received. Such methods will now be described.
  • FIG. 6 shows a block diagram of a method 600 for authenticating a document according to an embodiment of the present invention.
  • the steps may be done by different entities.
  • steps 610 and 620 may be performed by a POS terminal, while the rest of the steps may be done by an authentication entity (such as a payment processing network).
  • an authentication entity such as a payment processing network
  • a sensed signature is received, or otherwise input, into the system.
  • the input signature is the analog signal resulting from the sensing of the magnetic stripe.
  • the input signature is the digital sample values resulting from an AD conversion of the analog signal.
  • the signature is transformed.
  • the digital samples are transformed into a representation of continuous basis functions by calculating expansion coefficients of the basis functions, as described herein.
  • a transformation may be made from the real space digital samples into a frequency space spanned by the basis functions.
  • each coefficient would represent a different frequency of oscillation of the data point values.
  • the transformation is simply a conversion of the analog input signature into digital samples.
  • a measure (e.g. a score) is calculated by comparing the transformed signature values to the reference values.
  • the measure may be calculated in a manner as described herein.
  • the algorithm may perform a correlation match, e.g. by calculating an error (e.g. a difference) between the values.
  • the score is a distance, or error of an EM signature to the reference signature, thus it is a measure of a correlation.
  • the higher score the closer the sensed signature is to the reference signature.
  • the calculated score is compared to a threshold value.
  • the threshold e.g. threshold 510
  • the threshold value may be one that was previously received from block 680 or a threshold value that was just received from block 680 (i.e. was updated in response to the input signature).
  • the signature is determined (block 650) to be a match (i.e. an authenticated document). In another embodiment, if the score is greater than the threshold, then the signature is determined to be a match. This embodiment can be equivalent to the greater than or equal embodiment when threshold is lowered by one unit of accuracy.
  • the signature is determined (block 660) to not be a match (i.e. not an authenticated document). In another embodiment, if the score is less than the threshold, then the signature is determined to not be a match. This embodiment can be equivalent to the less than or equal embodiment when threshold is increased by one unit of accuracy. Note that the matching and not matching can be reversed based on a threshold when a lower score means a greater degree of matching. Also, there may be multiple thresholds that are used to determine more than two categorizations.
  • the reference representation (values) is optionally updated. Because each time a card is swiped some additional noise (error) may be introduced onto the signature (e.g. physically disturbing the magnetic particles of the magnetic stripe). This introduced error will lower the score of the authentic card with respect to the reference signature, which was obtained from an original swipe of the authentic card.
  • the reference signature is updated after N authentic input signatures have been received, where N may be any integer including 1.
  • the representation of each authenticated input signature is added into the reference. For example, a fixed amount (such as 10%) of the new, authenticated input signature is added into the reference. In another embodiment, the amount is weighted by the score. A higher score may cause a higher amount of that representation to be added, and lower score may cause a lower amount of that representation to be added. A normalization may be done after this adding.
  • an artificial neural network is used to optimize the reference signature.
  • Other optimization methods may also be used.
  • the reference is updates in such way that the error introduced in each card swiping is minimized, and therefore, the score is more accurate to detect counterfeit card.
  • an optimization algorithm is used to maximize the score of the previous signatures relative to the new reference values. The error minimization or the score maximization may be performed for all previous input signatures or just for a portion of them.
  • the new reference values are a combination of previous input values for an authenticated signature. Accordingly, when any of the new reference values (as determined by any method herein) is compared to the input signature (e.g. coefficients), an error associated with value has contributions from each of the previous input signatures that are used to create the reference values.
  • the input signature e.g. coefficients
  • Examples of parameters used in the ANN are as follows.
  • One parameter is the target value for which the optimization strives to achieve.
  • the target value has a value close to 1.
  • a parameter "eta” is a relatively small number (e.g. 0.01 ) that controls how fast the ANN converges.
  • a parameter "delta” is a very small number (e.g. 0.0001 ) that is used to determine when to stop iteration of the ANN. A maximum number of iterations to be allowed in ANN may be specified to prevent runaway calculations.
  • the correlation value from the ANN falls between -1 and 1 where a "1 " implies two variables are exactly same, and a "-1 " implies the worst discrepancy.
  • the closes the output is to 1 the closer to the reference signature (i.e. a match). Therefore, the closest result to one (as is practical) may be chosen as the adapted reference signature.
  • the score is an integer value corresponding to the output "Y" of the ANN. In one aspect, the score is 100 times Y, which is rounded to nearest whole-number. For example, if ANN outputs 0.91 , then, the score is 91.
  • a value may be chosen that is close to "1 ", e.g. 0.99.
  • the ANN optimize itself to target value with error less than delta, e.g. 0.0001.
  • the threshold used in block 640 may also be considered a parameter since it is used to determine whether a particular input signature is authentic. Since in one embodiment only authentic signatures (ones that match) are used to updated the reference, the threshold affects when the ANN updates the reference. Different version of the ANN may be used depending on the type of application and the type of cards to be used.
  • the ANN is a nonlinear classifier having three layers with the middle layer being hidden.
  • input net has 32 values
  • the middle net has 6 values
  • the output net has 2 values.
  • a new threshold is computed.
  • the threshold may simply be computed by adding the new score point, and determining a new distribution.
  • new scores for the previously calculated signature may be determined based on the new reference signature, and the new distribution can be calculated. This threshold may then be used for the next input signature that is received.
  • the threshold is updated after the change of distribution of scores reaches a significant level compared to the distribution that was previously used to calculate the threshold.
  • the change is the normalized difference at each score. Such a change may occur after scores of signature of many new swipes have been included in the distribution.
  • a degradation of the magnetic stripe may be accounted for.
  • a magnetic stripe may have certain magnetic particles dislodged or removed, for example, by scratches. This could alter a signature. If the reference signature stayed the same, then it would be more difficult to distinguish a different card (in effect that card has become different due to the decay).
  • the decay may be seen as a shifting to the left of the distribution 530 of FIG. 5.
  • the threshold could change, but the amount of false positives or negatives would still increase, resulting in less accuracy.
  • the distribution 530 can be made to stay further right, thus giving a better separation from distributions resulting from different cards.
  • a reference signature was chosen from a swipe of a card. For 50 iterations, noise was added to the reference signature. For each iteration, some amount of noise was added by randomly choosing a value in ⁇ -2, -1 , 1 , 2 ⁇ and adding that one value to the signature at 5 random positions. Signatures for different cards (i.e. not the reference card) were obtained by swiping those cards. No noise was added to these signatures of the different.
  • FIG. 7 is a histogram 700 showing a score distribution of a simulation using a bit-by-bit comparison of binary numbers obtained from digital samples of the magnetic signature.
  • the X axis relates a score from 0 to 200, with 200 being the best match.
  • the Y axis is the number of signatures that had a particular score.
  • Each of the scores is computed from the original reference signature, i.e. before adding noise to simulate additional swipes.
  • the scores 720 show the scores from different cards than the reference card. As one can see, the scores 720 are generally clustered to the left of a threshold 710, which was calculated using to minimize the false positives and false negatives (also termed the overlap). However, there are a few scores that are present to the right of the threshold 710, which is at a score of 117.
  • the scores 730 are the scores from the signatures where noise was added to the reference signature.
  • the scores 730 are generally clustered to the right of the threshold 710. However, there are a few that are present to the left of the threshold 710. The overlap is 16, thus there is a noticeable level of inaccuracy.
  • FIG. 8 is a histogram 800 showing a score distribution of a simulation where scores are calculated according to an embodiment of the present invention.
  • the X axis and the Y axis are the same as in plot 700.
  • the scores are calculated using an LDCT representation of the magnetic signature.
  • the scores are also calculated using a reference signature that was updated from the original reference signature.
  • the scores 820 (dark data points) from different cards are all clustered to the left of a threshold 810.
  • the threshold 810 is based on the scores shown. Notice that there are no points that are present to the right of the threshold 810, meaning no false positives.
  • the scores 830 are the scores from the signatures where noise was added to the reference signature. These scores are all clustered to the right of the threshold 810. There are no points that are present to the left of the threshold 810, which is at 112. Here all of the points are categorized accurately, as shown by a zero overlap.
  • FIG. 9 shows an exemplary system 20 according to an embodiment of the invention.
  • Other systems according to other embodiments of the invention may include more or less components than are shown in FIG. 9.
  • the system 20 shown in FIG. 9 includes a merchant 22 and an acquirer 24 associated with the merchant 22.
  • a consumer 30 may purchase goods or services at the merchant 22 using a portable consumer device 32, such as a debit card, credit card, and a smartcard.
  • the merchant 22 could be a physical brick and mortar merchant or an e-merchant.
  • the consumer may interact with the payment processing network 26 and the merchant through an access device 34, such as a point of sale (POS) terminal, personal computer, and a mobile phone.
  • the merchant 22 may also have, or may receive communications from, an access device 34 that can interact with the portable consumer device 32.
  • the access device 34 may be part of, be, or include a computing device that includes a processor that calculates the representation of the magnetic signature for sending to an authentication device.
  • the access device 34 may also include the authentication device.
  • an authorization request message which may include the representation of the magnetic signature
  • the acquirer 24 is then forwarded to the acquirer 24, and then sent to the payment processing network 26, which may include the authentication device.
  • the payment processing network 26 then forwards the authorization request message to the issuer 28 of the portable consumer device 32, who sends an authorization response message back to the payment processing network 26 to indicate whether or not the current transaction is authorized.
  • Any of the entities herein e.g. acquirer 24, payment processing network 26, or the issuer 28
  • the payment processing network 26 may perform an authentication check, determine an authentication score, and devise a risk value, which may be based on other factors than the authentication of the magnetic signature.
  • the authentication device may be any one or more computers in the payment processing network 26.
  • the issuer then may use the risk value to determine whether or not the transaction is to be authorized.
  • the payment processing network 26 may determine that the card is not authenticated and then send a denial to the merchant 22 without ever contacting the issuer 28.
  • the payment processing network 26 can forward the authorization response message back to the acquirer 24, who then sends the response message back to the merchant 22.
  • the access device 34 at the merchant 22 may then provide the authorization response message for the consumer 30.
  • the response message may be displayed by the access device 34 or the portable consumer device 32, or may be printed out on a receipt.
  • the response message may include a denial for a transaction based on the card not being authenticated.
  • a normal clearing and settlement process can be conducted by the payment processing network 26.
  • a clearing process is a process of exchanging financial details between and acquirer and an issuer to facilitate posting to a consumer's account and reconciliation of the consumer's settlement position.
  • an "acquirer” is typically a business entity, e.g., a commercial bank that has a business relationship with a particular merchant or an ATM.
  • An "issuer” is typically a business entity (e.g., a bank) which issues a portable consumer device such as a credit or debit card to a consumer. Some entities can perform both issuer and acquirer functions. Embodiments of the invention encompass such single entity issuer-acquirers.
  • the consumer 30 may be an individual, or an organization such as a business that is capable of purchasing goods or services. In other embodiments, the consumer 30 may simply be a person who wants to conduct some other type of transaction such as a money transfer transaction or a transaction at an ATM.
  • the portable consumer device 32 may be in any suitable form.
  • suitable portable consumer devices can be hand-held and compact so that they can fit into a consumer's wallet and/or pocket (e.g., pocket-sized). They may include smart cards, ordinary credit or debit cards (with a magnetic strip and without a microprocessor), etc.
  • Other examples of portable consumer devices include, payment cards, security cards, and access cards, and the like.
  • the portable consumer devices can also be debit devices (e.g., a debit card), credit devices (e.g., a credit card), or stored value devices (e.g., a stored value card).
  • the access devices 34 can be in any suitable form.
  • Examples of access devices include point of sale (POS) devices, cellular phones, PDAs, personal computers (PCs), tablet PCs, handheld specialized readers, set-top boxes, electronic cash registers (ECRs), automated teller machines (ATMs), virtual cash registers (VCRs), kiosks, security systems, access systems, and the like.
  • POS point of sale
  • PCs personal computers
  • PCs personal computers
  • ATMs automated teller machines
  • VCRs virtual cash registers
  • kiosks security systems, access systems, and the like.
  • any suitable point of sale terminal may be used including card readers.
  • the card readers may include any suitable contact or contactless mode of operation.
  • exemplary card readers can include RF (radio frequency) antennas, magnetic stripe readers, etc. to interact with the portable consumer devices 32.
  • the payment processing network 26 may include data processing subsystems, networks, and operations used to support and deliver authorization services, exception file services, and clearing and settlement services.
  • An exemplary payment processing network may include VisaNetTM.
  • Payment processing networks such as VisaNetTM are able to process credit card transactions, debit card transactions, and other types of commercial transactions.
  • VisaNetTM in particular, includes a VIP system (Visa Integrated Payments system) which processes authorization requests and a Base Il system which performs clearing and settlement services.
  • the payment processing network 26 may include a server computer.
  • a server computer is typically a powerful computer or cluster of computers.
  • the server computer can be a large mainframe, a minicomputer cluster, or a group of servers functioning as a unit.
  • the server computer may be a database server coupled to a Web server.
  • the payment processing network 26 may use any suitable wired or wireless network, including the Internet.
  • the issuer 28 may be a bank or other organization that may have an account associated with the consumer 30. The issuer 28 may operate a server.
  • Embodiments of the invention are not limited to the above-described embodiments. For example, although separate functional blocks are shown for an issuer, payment processing network, and acquirer, some entities perform all or any suitable combination of these functions and may be included in embodiments of invention. Additional components may also be included in embodiments of the invention.
  • FIG. 10 shows components or subsystems of a computer apparatus that may be used to perform or be parts of embodiments of the present invention.
  • such components or any subset of such components may be present in various components shown in FIG. 9, including the access device 34, server computers 26(a), 28(a), etc.
  • the subsystems shown in FIG. 10 are interconnected via a system bus 1075. Additional subsystems such as a printer 1074, keyboard 1078, fixed disk 1079, monitor 1076, which is coupled to display adapter 1082, and others are shown.
  • Peripherals and input/output (I/O) devices which couple to I/O controller 1071 , can be connected to the computer system by any number of means known in the art, such as serial port 1077.
  • serial port 1077 or external interface 1081 can be used to connect the computer apparatus to a wide area network such as the Internet, a mouse input device, or a scanner.
  • the interconnection via system bus 1075 allows the central processor 1073 to communicate with each subsystem and to control the execution of instructions from system memory 1072 or the fixed disk 1079, as well as the exchange of information between subsystems.
  • the system memory 1072 and/or the fixed disk 1079 may embody a computer readable medium.
  • the access device 34 (such as mobile phone) stores a reference signature.
  • the access device may perform the comparison and provide a measure of authenticity.
  • FIG. 11 is a flowchart of a method 1100 for authenticating a document having a magnetic stripe using a portable device according to an embodiment of the present invention.
  • the portable device is any electronic device that a consumer can carry, such as a mobile phone, an mp3 player, camera, etc.
  • step 1110 the magnetic stripe of a document (e.g. a card) is scanned using the portable device to create digital samples.
  • the creation of the digital samples may be done as described in steps 410 and 420 for method 400.
  • the portable device includes a magnetic read head.
  • a processor of the portable device calculates a plurality of expansion coefficients of a set of continuous basis functions based on the digital samples.
  • the expansion coefficients may be determined by performing a transform (e.g. a fast Fourier transform, or LDCT) on the digital sample values.
  • a transform e.g. a fast Fourier transform, or LDCT
  • Other fitting or optimization algorithms may also be used to determine the best or suitable coefficients that when coupled with the basis functions provide the approximate values of the digital samples.
  • this processor is or is part of an authentication device as described herein.
  • step 1130 the calculated expansion coefficients are compared to reference expansion coefficients that are stored on the portable device.
  • the comparison may occur similarly as described for step 470 of method 400.
  • the reference expansion coefficients may be stored in a memory that is not user accessible. In this manner, someone could not counterfeit a credit card and store the reference signature of the counterfeit card on a portable device. One skilled in the art will appreciate the different ways that this may be accomplished.
  • a phone company or other wireless provider can write a reference signature to the phone.
  • the data may be encrypted and the memory location not identifiable to a user of the portable device.
  • a payment processing network may also be given instructions on how to access the reference number. In this manner, the payment processing network may be able to update the reference signature.
  • the comparison of the expansion coefficients may be performed by the same processor that calculates the expansion coefficients.
  • a different processor which may be more secure, may be used.
  • This processor e.g. an application specific circuit
  • This processor also may be configured to be the only device that can read the reference signature.
  • step 1140 based on the comparison, a measure of the authenticity of the document is provided.
  • the measure of authenticity may be of any form as described herein, e.g. for step 480 of method 400.
  • the authentication of the document is part of an overall process of authorizing a transaction using an account associated with the document. In such embodiments, the steps below may be performed.
  • a request for authorization is sent.
  • the authorization request is sent from the portable device.
  • the mobile phone may send an SMS (short messaging system) message or make a network connection (e.g. using the Internet) to an authorizing entity (such as a payment processing network or an issuer of the account).
  • the authorization request can include the measure of authenticity or any result using the measure, such as a binary result based on a comparison with a threshold value.
  • the portable device may transmit a measure of authenticity to an access device (e.g. POT terminal) associated with the transaction, such as at a retail store.
  • the access device may then submit the authorization request.
  • the transmission may occur through a physical connection, such as a cable.
  • the portable device may have a contactless element that can wirelessly transmit data to a receiver on the POT terminal. Different wireless protocols such as infrared, Bluetooth, Wi-Fi, and others may be used.
  • a response to the authorization request may be received.
  • the response is received at the portable device.
  • the response is received at another device, such as at a display of a store, which may occur even when the request is sent by the portable device. If the transaction is authorized, the store may then provide a good or service to the consumer.
  • An exemplary portable device 32' in the form of a phone may comprise a computer readable medium and a body as shown in FIG. 12.
  • FIG. 12 shows a number of components, and the portable consumer devices according to embodiments of the invention may comprise any suitable combination or subset of such components.
  • the computer readable medium 32(b) may be present within the body 32(h), or may be detachable from it.
  • the body 32(h) may be in the form a plastic substrate, housing, or other structure.
  • the computer readable medium 32(b) may be a memory that stores data and may be in any suitable form including a magnetic stripe, a memory chip, etc.
  • the memory preferably stores information such as financial information, transit information (e.g., as in a subway or train pass), access information (e.g., as in access badges), etc.
  • the memory may also store the reference expansion coefficients or other digital representation of the magnetic characteristic. Note that the memory may be made of multiple modules or circuits.
  • Financial information may include information such as bank account information, bank identification number (BIN), credit or debit card number information, account balance information, expiration date, consumer information such as name, date of birth, etc. Any of this information may be transmitted by the portable consumer device 32.
  • the portable consumer device 32 may further include a contactless element 32(g), which is typically implemented in the form of a semiconductor chip (or other data storage element) with an associated wireless transfer (e.g., data transmission) element, such as an antenna.
  • Contactless element 32(g) is associated with (e.g., embedded within) portable consumer device 32 and data or control instructions transmitted via a cellular network may be applied to contactless element 32(g) by means of a contactless element interface (not shown).
  • the contactless element interface functions to permit the exchange of data and/or control instructions between the mobile device circuitry (and hence the cellular network) and an optional contactless element 32(g).
  • Contactless element 32(g) is capable of transferring and receiving data using a near field communications (“NFC") capability (or near field communications medium) typically in accordance with a standardized protocol or data transfer mechanism (e.g., ISO 14443/NFC).
  • NFC near field communications
  • Near field communications capability is a short- range communications capability, such as RFID, BluetoothTM, infra-red, or other data transfer capability that can be used to exchange data between the portable device 32 and an interrogation device.
  • the portable device 32 is capable of communicating and transferring data and/or control instructions via both cellular network and near field communications capability.
  • the portable device 32 may also include a processor 32(c) (e.g., a microprocessor) for processing the functions of the portable device 32 and a display 32(d) to allow a consumer to see phone numbers and other information and messages.
  • the portable device 32 may further include input elements 32(e) to allow a consumer to input information into the device, a speaker 32(f) to allow the consumer to hear voice communication, music, etc., and a microphone 32(i) to allow the consumer to transmit her voice through the portable consumer device 32.
  • the portable electronic device 32 may also include an antenna 32(a) for wireless data transfer (e.g., data transmission).
  • the portable device 32 may also be used to identify the cardholder for a transaction.
  • FIG. 13 is a flowchart of a method for identifying the identity of a cardholder according to an embodiment of the present invention.
  • a portable electronic device such as device 32 stores a digital representation of the magnetic characteristic.
  • the digital representation may be of any form, e.g., expansion coefficients, a binary number, or any other form mentioned herein.
  • the portable device is associated with the cardholder. This association may be performed by the cardholder registering the phone with an entity associated with the card, such as the issuer of the card or a payment processing network associated with the card. For example, the user may be required to call or text message a particular number, e.g., when activating the card. The registration may be performed or required at a retail facility.
  • the digital representation may be downloaded to a memory of the portable device (e.g. a phone).
  • the memory (or at least a specific portion of the memory) may be configured to have secured access, .e.g., a specific code (such as key) or hardware may be required to write or read to the memory.
  • the digital representation may also be determined from a scan of the card by the portable device or by another device and then sent to the portable device (e.g. when the two devices are in close proximity).
  • a request is received to verify the identity of a person as being the cardholder.
  • the request may be received via any wired, but preferably wireless logic.
  • the request is sent by the other entity (or an electronic device of the other entity) involved in the transaction.
  • a POS terminal may send a request to a phone of the person attempting to make a purchase or other transaction.
  • the request is sent from the other entity to the issuer or payment processing network, which then transmits a request to the portable device.
  • the portable device accesses the memory to retrieve the digital representation of the magnetic characteristic of the magnetic stripe of the card.
  • the access may achieved in any number of secure ways.
  • the issuer or payment processing network may send a location of the digital representation, so that the portable device may access a particular part of memory. In other words, the operating system or other application of the portable device may not know how to retrieve the data without the location information.
  • the digital representation is transmitted.
  • the digital representation is transmitted to the other entity in the transaction (e.g. the merchant).
  • the representation may be encrypted so that the other entity is not able to determine the values of the digital representation.
  • the digital representation is transmitted to the issuer, payment processing network, acquirer, or other entity that has access to a reference representation of the magnetic characteristic.
  • the digital representation is received at the entity that has the digital representation.
  • the digital representation may be received directly from the portable device or through another device (e.g. via a POS terminal).
  • the digital representation is compared to a reference representation.
  • the reference representation may be the exact values that were originally downloaded to the portable device.
  • the current scan i.e. a current representation
  • This current scan may be sent in a same message from the portable device or from another electronic device.
  • a response to the identity verification is sent.
  • the response is a true or false (i.e. binary) result as to whether the digital representation from the portable device is the same as the reference representation.
  • the response may be sent to the other electronic device (such as a POS terminal) or to another electronic device associated with the other entity in the transaction.
  • Embodiments of the invention provide for a number of advantages. For example, less bandwidth (while no compromising accuracy) is required since the data points are transformed to a function space that can more efficiently describe the magnetic characteristic (i.e. fingerprint, signature). Also, embodiments account for the degradation of a card, thus maintaining accuracy over time.
  • Any of the software components or functions described in this application may be implemented as software code to be executed by a processor using any suitable computer language such as, for example, Java, C++ or Perl using, for example, conventional or object-oriented techniques.
  • Computer programs incorporating features of the present invention may be encoded on various computer readable media for storage and/or transmission; suitable media include magnetic disk or tape, optical storage media such as compact disk (CD) or DVD (digital versatile disk), flash memory, and the like.
  • the computer readable medium may be any combination of such storage or transmission devices.
  • Such programs may also be encoded and transmitted using carrier signals adapted for transmission via wired, optical, and/or wireless networks conforming to a variety of protocols, including the Internet.
  • a computer readable medium according to an embodiment of the present invention may be created using a data signal encoded with such programs.
  • Computer readable media encoded with the program code may be packaged with a compatible device or provided separately from other devices (e.g., via Internet download). Any such computer readable medium may reside on or within a single computer program product (e.g. a hard drive or an entire computer system), and may be present on or within different computer program products within a system or network.

Abstract

Methods, systems, and apparatus for efficiently authenticating a document (e.g. a credit card) having a magnetic stripe are provided. The magnetic field at different points of the magnetic stripe are measured, e.g., by a checkout scanner to create a magnetic signature. Digital samples of the measurements may be transformed into coefficients of continuous basis functions, e.g., a Fourier transform. These coefficients are then compared to reference values (e.g. corresponding coefficients) to produce a measure of the authenticity of the document. The number of coefficients used can advantageously be smaller than the number of digital samples without compromising accuracy, thus using less bandwidth between a scanner and an authentication entity. The reference values can be updated over time to reflect changes in the magnetic stripe of the authentic document, as may occur due to physical deterioration. For example, reference values may be optimized based on recent measurements of the authenticated document to provide a more accurate determination of authenticity for future measurements. Methods, systems, and apparatus for verifying the identity of a cardholder are also provided. A digital representation of a magnetic characteristic of a magnetic stripe of the card can be stored on a portable electronic device of the cardholder. During a transaction, the digital signature is then transmitted so that it can be compared with a reference signature. The identity may be verified, and a response sent to a party requesting the verification, e.g., during a transaction between the requesting party and the verified party.

Description

AUTHENTICATION OF DOCUMENTS HAVING A MAGNETIC STRIPE
CROSS-REFERENCES TO RELATED APPLICATIONS [0001] This application claims priority to U.S. Patent Applications:
entitled "AUTHENTICATION OF DOCUMENTS HAVING MAGNETIC STRIPE " by Fang et al. (attorney docket number 16222U-038700US);
entitled "REPRESENTING A SIGNATURE OF A MAGNETIC STRIPE FOR AUTHENTICATING A DOCUMENT" by Fang et al. (attorney docket number 016222- 03871 OUS);
entitled "UPDATING OF REFERENCE MAGNETIC SIGNATURE FOR AUTHENTICATING A DOCUMENT WITH A MAGNETIC STRIPE" by Fang et al. (attorney docket number 16222U-038720US); and
entitled "VERIFYING CARDHOLDER IDENTITY USING SIGNATURE OF THE CARD" by Fang et al. (attorney docket number 016222-038730US), the disclosures of which are incorporated by reference in their entirety.
BACKGROUND
[0002] Embodiments of the present invention relate generally to authenticating a document having a magnetic stripe, and more specifically to authenticating a unique magnetic characteristic of a card (e.g. a credit card). Embodiments of the present invention also relate generally to verifying the identity of a cardholder, and more specifically to using a unique magnetic characteristic of a card (e.g. a credit card) to verify the cardholder identity.
[0003] Documents having a magnetic stripe have long been used for a variety of different purposes. Such documents are currently used in large numbers, e.g., credit cards, debit cards, I. D. cards, etc. Typically the magnetic stripes of such cards carry recorded data relating to the use of the card, and in some instances relating to the assigned user or owner of the card.
[0004] Although magnetic stripe cards are widely and successfully used in commerce and industry, counterfeiting these cards is a common occurrence, which can result in great losses. For example, if a counterfeiter obtains an authentic credit card (or the recorded data on the card), the counterfeiter can create a new credit card, which could be used to make unauthorized transactions. Consequently, the ability to reliably verify the authenticity of a card (or other document) having a magnetic stripe is important.
[0005] One method for verifying the authenticity of a card uses certain magnetic characteristics of the magnetic stripe to identify cards. Generally, the magnetic stripes of individual cards possess inherent, substantially unique, magnetic characteristics (often referred to as a fingerprint or signature). This fingerprint is related to a noise-like component that results from the manufacturing process of the magnetic stripe.
[0006] Current methods convert the magnetic noise to a binary number based on a measured magnetism of specific parts of the magnetic stripe. This binary number is then directly compared bit-by-bit to a reference binary number resulting from an original scan (measurement) of the card and/or independently to previously authenticated scans. The total of the bit-by-bit differences may then be compared to a threshold value to determine whether the card is authentic.
[0007] To obtain high accuracy for the authentication, large binary words are used. These large binary words use a high amount of bandwidth from a reader (e.g. at a checkout stand) to a payment processor who performs the authentication. The bandwidth for data being sent from the reader is relatively fixed (e.g. 60 bytes for all data - including signature, PAN, encryption, ...), and will not change soon. Thus, the high bandwidth requirement causes an inability to use such methods and/or requires other data to be removed from a message to the authentication entity.
[0008] Also, high sampling rates of the analog signal from the reader are used so that the binary word and the reference binary word are aligned. For example, different swipe speeds could result in mis-aligned binary words. These high sampling rates and extensive computer processing, at the reader, are used to attempt to align the binary word with the reference binary word. The high sample rates and extensive computer processing cause additional cost and time, and a misalignment might still occur. [0009] Another problem with the current methods is that the magnetic stripe of the authentic document degrades over time and use. A result is that the ability to accurately identify the authentic document can be compromised. This is important as a part of authenticating a document is not only to identify non-authentic documents, but to also identify when the authentic document is being used.
[0010] Fraud can also occur when a card has been stolen or otherwise misappropriated. In these cases, it is desirable to confirm that the identity of the person using the card is indeed the cardholder of record.
[0011] It is therefore desirable to have methods, systems, and apparatus that efficiently and accurately authenticate a document and that utilize less bandwidth without compromising accuracy. It is also desirable to have methods, systems, and apparatus that continue to accurately authenticate a document having a magnetic stripe, particularly even after many uses of the document. It is also desirable to have methods, systems, and apparatus that can be used to verify the identity of a person as being connected to a specific card.
BRIEF SUMMARY
[0012] Embodiments of the present invention provide methods, systems, and apparatus for efficiently authenticating a document (e.g. a credit card) having a magnetic stripe. The magnetic field at different points of the magnetic stripe is measured, e.g., by a checkout scanner to create a magnetic signature.
[0013] In one embodiment, digital samples of the measurements are transformed into coefficients of continuous basis functions, e.g., a Fourier transform. These coefficients are then compared (e.g. by a credit card processing entity) to reference coefficients to produce a measure of the authenticity of the document. The number of coefficients used can be smaller than the number of digital samples without compromising accuracy, thus using less bandwidth between a scanner and an authentication entity. Problems associated with mis-alignment of digital samples may also be overcome.
[0014] Embodiments of the present invention may also provide methods, systems, and apparatus for verifying the identity of a cardholder. In one aspect, a digital representation of a magnetic characteristic of a magnetic stripe of the card is stored on a portable electronic device of the cardholder. During a transaction, the digital signature is then transmitted so that it can be compared with a reference signature on file.
[0015] According to one embodiment, an authentication device receives a set of expansion coefficients corresponding to a set of continuous basis functions. The expansion coefficients are based on digital samples of an analog signal representative of the magnetic characteristic. The received expansion coefficients are compared to reference expansion coefficients. Based on the comparison, a measure of an authenticity of the document is provided.
[0016] According to another embodiment, a processor of a computing device receives a plurality of digital samples of an analog signal representative of the magnetic characteristic. Based on the digital samples, the processor calculates a set of expansion coefficients corresponding to a set of continuous basis functions. At least a portion of the expansion coefficients are sent to an authentication device that compares the portion of the calculated expansion coefficients to reference expansion coefficients to obtain a measure of the authenticity of the document.
[0017] To account for degradation over time and/or use, the reference signature can be updated, e.g. periodically over time or in response to other factors. As a result of the update, the new magnetic signature can be compared to a combination of previously received magnetic signatures. In one embodiment, these previously received magnetic signature used in the combination were deemed authentic or had a high probability of being authentic. In this manner, the effective reference signature may advantageously be in a state that accurately reflects the current state of the authentic magnetic stripe.
[0018] According to one exemplary embodiment, an authentication device receives a set of values representing the magnetic characteristic. The received values are compared to reference values. The comparing includes determining an error for each received value, wherein each error includes a sum of contributions, each corresponding to a different set of previously received values representing the magnetic characteristic. Based on the comparison, a measure of an authenticity of the document is provided. In one embodiment, the reference values (e.g. for the digital samples or the transform coefficients) may be optimized based on recent measurements of the authenticated document to provide a more accurate determination of authenticity for future measurements.
[0019] According to another embodiment, a portable device for verifying an identity of a cardholder during a transaction involving a card is provided. A memory stores a digital representation of a distinct magnetic characteristic of a magnetic stripe of the card, where the magnetic characteristic occurs over one or more predetermined segments of the magnetic stripe. Input logic receives a request for verification of the identify of the cardholder. Output logic transmits the digital representation to another electronic device in response to receiving the request. The digital representation may be used by the another electronic device, or another device further upstream to verify the identity of the cardholder.
[0020] According to another embodiment, a method of verifying an identity of a cardholder during a transaction involving a card is provided. A request for verification of the identify of the cardholder is received at a portable electronic device of the cardholder. A memory of the portable electronic device that stores a digital representation of a distinct magnetic characteristic of a magnetic stripe of the card is accessed. The digital representation is transmitted to another electronic device in response to receiving the request.
[0021] According to another embodiment, a method of verifying an identity of a cardholder during a transaction involving a card is provided. A system of an entity associated with an issuer of the card receives a digital representation of a distinct magnetic characteristic of a magnetic stripe of the card. The association may be that the system is run by or communicates with the issuer. For example, the system may process payments for the issuer of the card. The digital representation is sent from a portable electronic device of the cardholder in response to a request for identity verification. The system compares the digital representation to a reference representation. Based on the comparison, a response to the verification request is sent to a requesting device that made the request for the identity verification.
[0022] Other embodiments of the invention are directed to systems, scanners, and computer readable media associated with the above-described methods and devices. [0023] As used herein, a continuous function is a function for which small changes in the input result in small changes in the output. For example, a cosine function Y=COs(X) would be continuous as a small change in X produces a small change in Y. However, a delta function Y=δ(X) (which equals infinity for X=O and equals zero otherwise) is discontinuous as a small change from X=O will cause a very large change in Y. Such description will be familiar to one of skill in the art.
[0024] A continuous function that spans a segment (e.g. a distance along a magnetic stripe) has non-zero values for at least a plurality of points along the segment. For example, although the cosine function may have a zero at a particular point of the segment (depending on the offset used), the cosine function is defined throughout all space and has non-zero values for other points.
[0025] A better understanding of the nature and advantages of the embodiments of the present invention may be gained with reference to the following detailed description and the accompanying drawings.
BRIEF DESCRIPTION OF THE DRAWINGS
[0026] FIG. 1A shows a document 100 including a magnetic stripe 105 according to an embodiment of the present invention.
[0027] FIG. 1 B shows a scanner 120 according to an embodiment of the present invention.
[0028] FIG. 1 C shows an analog signal 150 obtained from a magnetic read head according to an embodiment of the present invention.
[0029] FIG. 2 shows a plot 200 of an analog signal 205 that may be sampled to create a magnetic signature of a document according to an embodiment of the present invention.
[0030] FIG. 3A is a plot 300 of a LDCT basis function according to an embodiment of the present invention.
[0031] FIG. 3B is a histogram 350 of the expansion coefficients of a representation of a magnetic signature according to an embodiment of the present invention. [0032] FIG. 4 is a flowchart of a method 400 for authenticating a document having a magnetic stripe according to an embodiment of the present invention.
[0033] FIG. 5 is a plot 500 showing a determination of a threshold according to an embodiment of the present invention.
[0034] FIG. 6 shows a block diagram of a method for authenticating a document according to an embodiment of the present invention.
[0035] FIG. 7 is a histogram 700 showing a score distribution of a simulation using a bit-by-bit comparison of binary numbers obtained from digital samples of the magnetic signature.
[0036] FIG. 8 is a histogram 800 showing a score distribution of a simulation where scores are calculated according to an embodiment of the present invention.
[0037] FIG. 9 shows an exemplary system 20 according to an embodiment of the invention.
[0038] FIG. 10 shows components or subsystems of a computer apparatus that may be used to perform or be parts of embodiments of the present invention.
[0039] FIG. 11 is a flowchart of a method 100 for authenticating a document having a magnetic stripe using a portable device according to an embodiment of the present invention.
[0040] FIG. 12 shows a block diagram of one type of portable consumer device according to an embodiment of the present invention.
[0041] FIG. 13 is a flowchart of a method for identifying the identity of a cardholder according to an embodiment of the present invention.
DETAILED DESCRIPTION
[0042] Embodiments of the present invention provide methods, systems, and apparatus for efficiently authenticating a document (e.g. a credit card) having a magnetic stripe. The magnetic field at different points of the magnetic stripe are measured, e.g., by a checkout scanner to create a magnetic signature.
[0043] In one embodiment, digital samples of the measurements are transformed into coefficients of continuous basis functions, e.g., a Fourier transform. These coefficients are then compared (e.g. by a credit card processing entity) to reference coefficients to produce a measure of the authenticity of the document. The number of coefficients used can advantageously be smaller than the number of digital samples without compromising accuracy, thus using less bandwidth between a scanner and an authentication entity.
[0044] In another embodiment, the digital samples of the measurements can then be represented in any number of suitable ways, e.g. a binary number or coefficients of continuous basis functions, such as a Fourier transform. These coefficients are then compared (e.g. by a credit card processing entity) to reference coefficients to produce a measure of the authenticity of the document. Reference values (for the digital samples or the transform coefficients) may be based (e.g. optimized) on recent measurements of the authenticated document to provide a more accurate determination of authenticity for future measurements.
[0045] FIG. 1A shows a document 100 including a magnetic stripe 105 according to an embodiment of the present invention. In this embodiment, the document 100 is a card having a plastic substrate 110. Consumer information 115 such as an account number, expiration date, and consumer name may be printed or embossed on the card. Document 100 may include, for example, smart cards, ordinary credit or debit cards, and stored value cards.
[0046] Information in the magnetic stripe may be in the form of data tracks that are traditionally associated with credits cards. In some embodiments, such tracks include Track 1 and Track 2. Track 1 ("International Air Transport Association") stores more information than Track 2, and contains the cardholder's name as well as account number and other discretionary data. Track 2 ("American Banking Association") is currently most commonly used. This is the track that is read by
ATMs and credit card checkers. The ABA (American Banking Association) designed the specifications of this track and all world banks must abide by it. It contains the cardholder's account, encrypted PIN data, plus other discretionary data.
[0047] When used for a transaction (e.g. a purchase), the card is swiped though a scanner, for example, at a point of sale terminal. The scanner obtains an account identifier (such as a credit card number), which is then sent for authorization of the purchase, e.g., to a payment processing network as described below. However, as mentioned above, data recorded on the card may be copied to a different card.
[0048] FIG. 1 B shows a scanner 120 according to an embodiment of the present invention. The scanner may include a channel 125 for guiding a swipe of the card. A magnetic read head 130 senses magnetic fields in the magnetic stripe of the card and creates an electric (analog) signal based on the sensed magnetic fields. The magnetic fields may be the result of data (e.g., a "1" or a "0") recorded on the magnetic stripe.
[0049] An analog-to-digital converter 135 samples the analog signal at periodic intervals and creates a digital value based on the analog value at the sample values. The digital values may be in binary form or in any other base number (e.g. decimal or base 5).
[0050] A processor 140 receives the digital values and processes them to create a representation of the magnetic characteristic (signature). In one embodiment, the representation includes digital values corresponding to specific points of the card. In one aspect, the points are two dimensional regions of the magnetic stripe. In another embodiment, the representation includes expansion coefficients of continuous basis functions, as will be described later.
[0051] The processor 140 is communicably coupled with a network interface 145 that can be communicably coupled with an external device (e.g. an authentication device) for comparing the representation (e.g. the expansion coefficients) to a reference representation (e.g. values from an original scan of the card). In another embodiment, the processor 140 can perform the comparing. The processor 140 may be part of or be a computing device that determines a magnetic signature of the document. Also, the processor 140 may be enclosed in a separate housing from any scanning device.
[0052] FIG. 1C shows an analog signal 150 obtained from a magnetic read head according to an embodiment of the present invention. The Y (vertical) axis is the voltage of the analog signal, which corresponds to a strength and/or direction of a magnetic field created by a small part of the magnetic stripe. The X (horizontal) axis is time. The time does correspond to a particular part of the magnetic card. Which particular part of the card that the time corresponds depends on the swipe speed of the card. The line 170 denotes a reference voltage, which may be zero or any other value or polarity.
[0053] The peaks 155 and 160 correspond to data that has been written onto the magnetic stripe (e.g. a bit of the account number). The space between the peaks is relatively flat and includes noise 165, which may be used as a magnetic signature of the card. U.S. Pat. No. 6,098,881 issued to Deland et al., the entire disclosure of which is incorporated herein by reference, is directed to using "relatively flat" portions representative of the remnant noise characteristics of the stripe that are located between magnetic transitions to authenticate individual documents. Noise on top of the recorded data may also be used, but this may be more difficult to separate.
[0054] The noise 165 in the space may be amplified by an amplifier in the read head 130, between the read head and the ADC 135, or in the ADC. This extra amplification may be triggered to occur in between the data peaks 155 and 160. Typically the data peaks 155 and 160 are sampled and turned into bits of 0 or 1. The digital samples of the noise 165 may be binary, decimal, or any other base number.
[0055] In one aspect, the noise 165 in the magnetic stripe is the result of the manufacturing process. To create the stripe, magnetic particles are laid down essentially in a random orientation. Thus, different parts of the stripe will have different levels of magnetism, prior to writing data onto the cards, thereby providing a signature for that specific card.
[0056] In one embodiment, a magnetic signature may be taken from one or more predetermined segments of the card. For example, spaces in between multiple data bits may be used. Each space may be used as a separate signature, or as components of the same signature.
[0057] FIG. 2 shows a plot 200 of an analog signal 205 that may be sampled to create a magnetic signature of a document according to an embodiment of the present invention. As in FIG. 1 C, the Y axis is the voltage of the analog signal, and the X axis is time. The time does correspond to a particular part of the magnetic card and depends on the swipe speed of the card. The line 270 is a reference voltage, which is marked as zero. In one embodiment, a sensed magnetism in one direction causes a positive voltage, and a sensed magnetism in another direction provides a negative voltage (relative to the reference voltage 270).
[0058] As mentioned above, the analog signal 205 is sampled at periodic intervals, e.g., by the ADC 135. Points 210 show points at which a digital sample is taken. In one embodiment, the point 210(1 ) of the analog signal results in a zero value. In one aspect, increases from point 210(1 ) create a positive sample value, and decreases result in a negative sample value.
[0059] In one embodiment, the point 210(2) receives a value of 1 and the point 210(3) receives a value of 2. In one embodiment, the values could be 5 and 9, respectively, depending on the maximum and minimum digital values to be used.
[0060] The digital values may then be processed, e.g. by processor 140, to determine a representation for the magnetic characteristic. In one embodiment, a representation would be simply using the digital sample values themselves. However, the number of sample values may be very large.
[0061] In another embodiment, the representation would look at several sample values over a range. For example, a range may be from 210(1 ) to 210(5), and an average of the values could be used to determine a new value for that range. In one aspect, the new value could be a binary value. In such an instance, the binary value in this case would most likely be 1.
[0062] In another embodiment, the digital sample values are taken as points of a function F(Xi), where Xi is a sample point. The function F(Xi) is then expressed as a series (expansion) of basis functions G(Xi), e.g., continuous basis functions (such as sines or cosines), providing
N-I
F(X) = ∑ Ck G AX) . k=0 k
The expansion coefficients CK may then be used as the representation of the magnetic characteristic in the functional space of G. Typically, the basis functions G are of a same family, such as Legendre polynomials, Fourier functions (e.g., plane waves and sines/cosines), wavelets, and other like continuous functions. [0063] In one embodiment, the basis functions Gk(X) provide a Fourier expansion, e.g. using sines or cosines. The expansion coefficients may then be obtained by taking a Fourier transform of the sample points, thus converting the real space representation to a Fourier space representation. An advantage of such a representation is that alignment of the values of the representation would not be as tightly required relative to the reference representation. For example, an oscillating waveform would have the same Fourier components even if it is shifted by an amount in real space.
[0064] One skilled in the art will appreciate the numerous different basis functions that may be used, such as wavelet, fast Fourier transform (FFT), local Fourier transforms, and polynomials. The basis functions may be orthogonal or non- orthogonal. In one embodiment, the basis functions will span the entire space that the sample values cover. Fourier basis functions are such a type of function as they may represent any non-zero function throughout any range.
[0065] In one embodiment, the basis functions G may include a window cut off function. Such a window function may be used to localize the continuous basis functions to a certain segment of real space (e.g. distance along the magnetic stripe). This may be desirable depending on the type of transform or expansion that is used.
[0066] In one embodiment, local discrete cosine transforms (LDCT) are used to determine the representation. In this case, the expansion coefficients may be calculated as
C j {B(. ,Bλ ,...,B λr _Λ is a window cut off function, {A A ,A A are the sample values, and (Cn, C ,...,C J are the
expansion coefficients. If the number of basis functions is less than the number of sample points, then a fitting algorithm (such as a least squares optimization) may be used to determine the expansion coefficients.
[0067] In one aspect, a DCT (Discrete Cosine Transform) has a good information concentration property, which means that most of the digital information tends to be concentrated in a few coefficients of the DCT. Such a transform can approach the Karhunen-Loeve transform, which is optimal in the de-correlation sense. Thus, using DCT, digital information can be represented with a fewer bits.
[0068] In embodiments that use orthogonal transform, a digital signal can be more easily transformed into a different domain without any effective loss of information. This is in part because adding more functions necessarily provides greater accuracy in the representation. For example, the cosine function based orthogonal transform transforms data into a domain where its information is represented as frequencies.
[0069] FIG. 3A is a plot 300 of a LDCT basis function according to an embodiment of the present invention. As one can see, the basis function is continuous, and it is local (not strictly zero) over a particular range. The outer envelope 310 of the oscillating function 320 may be defined by the window cutoff function B. The cutoff function B causes the function to be zero or effectively zero (very small) outside of a window, which would coincide with the segment for the magnetic characteristic. These basis functions may be used to represent a particular segment of a magnetic signature or all of the segments of a signature.
[0070] FIG. 3B is a histogram 350 of the expansion coefficients of a representation of a magnetic signature according to an embodiment of the present invention. The Y axis is the value of each coefficient. The X axis is the index value of the expansion coefficient. The histogram 350 is often called a spectrum, particularly when oscillating basis functions are used (such as sines and cosines).
[0071] In one embodiment, fewer expansion coefficients C than sample points A are used to represent the magnetic characteristic. For example, 128 sample bits may be used, but only 32 expansion coefficients may be used for the representation of the signature. However, the 32 expansion coefficients still describe the magnetic characteristic over the entire range of the signature. In one aspect, the lowest K expansion coefficients are sent. The spectrum of the representation is said to be 32 since this is the number of basis functions used to represent the signature.
[0072] An advantage of using coefficients of basis functions is that the magnetic signature may be represented more accurately and/or using less numerical values, than does a bit-by-bit representation of the magnetic field in a particular point of the magnetic stripe. Since less numerical values are required to be sent from a scanner to an authentication entity, the leftover bandwidth may be used for additional data. For example, a non-symmetric key (which uses more data) may be used to encrypt the data.
[0073] FIG. 4 is a flowchart of a method 400 for authenticating a document having a magnetic stripe according to an embodiment of the present invention. As mentioned above, the magnetic stripe has a distinct magnetic characteristic that occurs over one or more predetermined segments of the magnetic stripe.
[0074] In step 410, the magnetic stripe of a document (e.g. a card) is scanned to create an analog signal. The scanning may occur at a checkout stand using a point of transaction (POT) terminal (such as a point of sale (POS) terminal) that includes a scanner. Note that as used herein a POS terminal may also be a POT terminal. The card is swiped though the POS terminal so that a magnetic read head reads local magnetic fields as the card is being swiped. A time-varying analog electrical signal, which corresponds to the sensed magnetic fields, is thus created. In another embodiment, a portable device may perform the scanning.
[0075] In step 420, the analog signal is sampled to create the digital samples. For example, the ADC 135 can sample the analog signal and create corresponding digital values. The number of sample points may be made much larger than the eventual representation of the signature. The digital values may fall within any range of numbers (e.g., -2 to 2, 0 to 6, etc.).
[0076] In step 430, the digital samples of the analog signal representative of the magnetic characteristic are received at a processor, e.g. processor 140 of a computing device. In one embodiment, the processor is in a POS terminal. In another embodiment, the processor is not in the POS terminal, but still on an internal network on which the POS terminal resides. For example, the POS terminal may be connected to a processor located in the same store. In yet another embodiment, the processor may be remote from the POS terminal.
[0077] In step 440, the processor calculates a plurality of expansion coefficients of a set of continuous basis functions based on the digital samples. As mentioned above, the expansion coefficients may be determined by performing a transform
(e.g. a fast Fourier transform, or LDCT) on the digital sample values. Other fitting or optimization algorithms may also be used to determine the best or suitable coefficients that when coupled with the basis functions provide the approximate values of the digital samples.
[0078] In step 450, the expansion coefficients are sent to an authentication device that compares the calculated expansion coefficients to reference expansion coefficients, thereby providing a measure of the authenticity of the document. In one embodiment, the expansion coefficients are sent as part of a message (e.g. an authentication request) from a POS terminal to a payment processing network.
[0079] An "authentication device" may include, for example, one or more computer apparatus of a payment processing network, a server computer at an issuer of a credit card (or other document), a POS terminal, or a mobile phone.
[0080] In one embodiment, the scanner can perform the transformation and send only the prescribed coefficients, which may be relatively small compared to the number of digital samples. Thus, bandwidth is advantageously saved and may be used for other purposes.
[0081] In step 460, the authentication device receives the expansion coefficients of a set of continuous basis functions based on digital samples of an analog signal representative of the magnetic characteristic. As stated above, the expansion coefficients may be received as part of a message that contains data recorded on the document (card), such as an account number. The message may be sent via any suitable network protocols, such as TCP, IP, HTTP, SMTP, and FTP.
[0082] In step 470, the authentication device compares the calculated expansion coefficients to reference expansion coefficients. In one embodiment, the comparison includes a difference between each expansion coefficient and the corresponding reference coefficient. The differences may be summed, given different weights, or provided as multiple inputs to another function. In another embodiment, a difference between functions that receive the expansion coefficients and the reference coefficients is taken.
[0083] In one embodiment, the authentication device may be part of the same system that creates the representation of the magnetic signature. For example, an access device (such as a mobile) phone may generate the representation of the magnetic signature (e.g. using a scanning device as described above) and perform the comparison to the reference signature..
[0084] In step 480, based on the comparison, a measure of the authenticity of the document is provided. In one embodiment, the measure is a binary result (such as authentic or not). In another embodiment, the measure is a probability score in a range (e.g. 0 to 100) with differing values providing less or more probability of the document being authentic. The measure may occur in discrete values (or categories) or in continuous values.
[0085] For example, if the expansion coefficients and the reference coefficients are identical, then a difference could yield a zero potentially providing a measure of
100% authenticity. Note that the resulting zero could be taken as the measure or the percentage could be replaced by any value as a maximum score. In one embodiment, a measure providing a 0% probability of authenticity may be defined as any expansion coefficients that provide a difference greater than a specified value. In another embodiment, negative values may be used so that there is no specified minimum as to a measure of authenticity.
[0086] In step 490, the measure may be compared to one or more threshold values. In one embodiment, the measure (e.g. a score) is compared to a threshold to determine a binary result for authenticity. For example, a probability score may be compared to a threshold; and if the score is greater, then the document is considered authentic. In another embodiment, the measure may be compared to multiple threshold values to provide discrete categories as to the level of authenticity.
[0087] The results of step 480 or 490 may then be used with other factors to determine a final risk level of a transaction. The risk levels may be discrete (such as binary or more categories) or continuous. For example, a probability score may be combined with other factors (such as the amount of the transaction, the merchant from which the message was sent, a history of the consumer account) to provide a risk level associated with the transaction. In one embodiment, the risk level may occur in discrete values, e.g. on a scale of 1 to N (e.g. 5) or in continuous values. Any of the measures, risk levels, scores, or values may be provided or displayed to other entities (such as the consumer, a merchant, or other computers involved in the transaction). [0088] The value(s) to use as threshold may be determined by analyzing the behavior of the measure (e.g. score) resulting from steps 480. In such a manner, a threshold may be chosen that can accurately differentiate between an authentic document and a non-authentic document. The threshold may be a static value or it may be dynamic.
[0089] FIG. 5 is a plot 500 showing a determination of a threshold according to an embodiment of the present invention. FIG. 5 shows two distributions 520 and 530. The X axis is a score correlating the sensed representation (e.g. expansion coefficients when the method 400 is used) to the reference representation. A score of 100 means a highest agreement with the reference and a 0 means a lowest agreement with the reference. The Y axis relates a number of times (frequency) that a sensed card had a particular score compared to a reference representation.
[0090] The distributions may be calculated using a fit to the points, or may be a simple interpolation. The fit may use any standard distribution functions such as a Gaussian, normal, or other suitable distribution.
[0091] The distribution 520 shows the distribution of scores from multiple different cards, which are not the authentic card. These scores were determined by swiping the cards through a scanner, comparing a representation of a magnetic signature, and determining the score. The distribution 530 is for signatures from the authentic card. These scores were determined from multiple swipes of the authentic card through a scanner. As one can see the score is typically not 100 all of the time for different swipes of the same card, nor is the score 0 for all of the swipes of a different card.
[0092] In one embodiment, a threshold method searches the best position where the overlap of two distributions is minimized. Such a threshold method may provide a compromise between false negative and false positives. In plot 500, the false negatives are the points of distribution 530 that are to the left of the threshold line 510. The false positives are the points of distribution 520 that are to the right of the threshold line 510. Since neither one of these inaccurate categorizations of the card is desirable, it is generally not good to obtain zero false negatives, only to allow more false positives, or vice versa. Thus, in one aspect, the intersection of the two distributions is taken as a threshold, as shown in plot 500. [0093] This threshold may be used as a static value for all cards of a similar type. For example, it may be determined that a threshold of 51 provides an accurate value given the distribution of scores to be expected for a particular type of card. The threshold may also be dynamic in that a new distribution may be determined for each new data point obtained. The new data points may be particular to a specific card, and thus each card would have specific distributions, and thus different thresholds.
[0094] In one embodiment, all cards of the same type would start with the same threshold. But, with each new score (or every N new scores) associated with that card, the distribution would be updated and a new threshold calculated. Additionally, the reference representation of the signature may be updated periodically as new scores are received. Such methods will now be described.
[0095] FIG. 6 shows a block diagram of a method 600 for authenticating a document according to an embodiment of the present invention. The steps may be done by different entities. For example, steps 610 and 620 may be performed by a POS terminal, while the rest of the steps may be done by an authentication entity (such as a payment processing network).
[0096] In block 610, a sensed signature is received, or otherwise input, into the system. In one embodiment, the input signature is the analog signal resulting from the sensing of the magnetic stripe. In another embodiment, the input signature is the digital sample values resulting from an AD conversion of the analog signal.
[0097] In block 620, the signature is transformed. In one embodiment, the digital samples are transformed into a representation of continuous basis functions by calculating expansion coefficients of the basis functions, as described herein. For example, a transformation may be made from the real space digital samples into a frequency space spanned by the basis functions. For a frequency representation, each coefficient would represent a different frequency of oscillation of the data point values. In another embodiment, the transformation is simply a conversion of the analog input signature into digital samples.
[0098] In block 630, a measure (e.g. a score) is calculated by comparing the transformed signature values to the reference values. The measure may be calculated in a manner as described herein. In one embodiment, the algorithm may perform a correlation match, e.g. by calculating an error (e.g. a difference) between the values.
[0099] In one embodiment, the score is a distance, or error of an EM signature to the reference signature, thus it is a measure of a correlation. In one aspect, the higher score, the closer the sensed signature is to the reference signature.
[0100] In block 640, the calculated score is compared to a threshold value. In one embodiment, the threshold (e.g. threshold 510) is calculated by the intersection of two distributions, as shown in FIG. 5. The threshold value may be one that was previously received from block 680 or a threshold value that was just received from block 680 (i.e. was updated in response to the input signature).
[0101] In one embodiment, if the score is greater than or equal to a threshold, then the signature is determined (block 650) to be a match (i.e. an authenticated document). In another embodiment, if the score is greater than the threshold, then the signature is determined to be a match. This embodiment can be equivalent to the greater than or equal embodiment when threshold is lowered by one unit of accuracy.
[0102] In one embodiment, if the score is less than or equal to a threshold, then the signature is determined (block 660) to not be a match (i.e. not an authenticated document). In another embodiment, if the score is less than the threshold, then the signature is determined to not be a match. This embodiment can be equivalent to the less than or equal embodiment when threshold is increased by one unit of accuracy. Note that the matching and not matching can be reversed based on a threshold when a lower score means a greater degree of matching. Also, there may be multiple thresholds that are used to determine more than two categorizations.
[0103] In step 670, after a score is calculated, the reference representation (values) is optionally updated. Because each time a card is swiped some additional noise (error) may be introduced onto the signature (e.g. physically disturbing the magnetic particles of the magnetic stripe). This introduced error will lower the score of the authentic card with respect to the reference signature, which was obtained from an original swipe of the authentic card. [0104] To overcome this problem, the reference signature is updated after N authentic input signatures have been received, where N may be any integer including 1. In one embodiment, the representation of each authenticated input signature is added into the reference. For example, a fixed amount (such as 10%) of the new, authenticated input signature is added into the reference. In another embodiment, the amount is weighted by the score. A higher score may cause a higher amount of that representation to be added, and lower score may cause a lower amount of that representation to be added. A normalization may be done after this adding.
[0105] In another embodiment, an artificial neural network (ANN) is used to optimize the reference signature. Other optimization methods may also be used. In one aspect, the reference is updates in such way that the error introduced in each card swiping is minimized, and therefore, the score is more accurate to detect counterfeit card. In another aspect, an optimization algorithm is used to maximize the score of the previous signatures relative to the new reference values. The error minimization or the score maximization may be performed for all previous input signatures or just for a portion of them.
[0106] Thus, the new reference values are a combination of previous input values for an authenticated signature. Accordingly, when any of the new reference values (as determined by any method herein) is compared to the input signature (e.g. coefficients), an error associated with value has contributions from each of the previous input signatures that are used to create the reference values.
[0107] Examples of parameters used in the ANN are as follows. One parameter is the target value for which the optimization strives to achieve. In one embodiment, the target value has a value close to 1. A parameter "eta" is a relatively small number (e.g. 0.01 ) that controls how fast the ANN converges. A parameter "delta" is a very small number (e.g. 0.0001 ) that is used to determine when to stop iteration of the ANN. A maximum number of iterations to be allowed in ANN may be specified to prevent runaway calculations.
[0108] In one embodiment, the correlation value from the ANN falls between -1 and 1 where a "1 " implies two variables are exactly same, and a "-1 " implies the worst discrepancy. In other words, the closes the output is to 1 the closer to the reference signature (i.e. a match). Therefore, the closest result to one (as is practical) may be chosen as the adapted reference signature.
[0109] In one embodiment, the score is an integer value corresponding to the output "Y" of the ANN. In one aspect, the score is 100 times Y, which is rounded to nearest whole-number. For example, if ANN outputs 0.91 , then, the score is 91.
[0110] In one embodiment, because in real case "1 " is almost impossible, a value may be chosen that is close to "1 ", e.g. 0.99. In another embodiment, during updating reference signature, the ANN optimize itself to target value with error less than delta, e.g. 0.0001.
[0111] The threshold used in block 640 may also be considered a parameter since it is used to determine whether a particular input signature is authentic. Since in one embodiment only authentic signatures (ones that match) are used to updated the reference, the threshold affects when the ANN updates the reference. Different version of the ANN may be used depending on the type of application and the type of cards to be used.
[0112] Initial test results for the ANN scores of 0.7-0.9 using 22 signatures from the same authentic card, where 1 is a perfect match. For 120 signatures obtained from different cards than the authentic card, scores were less than < 0.2.
[0113] In one embodiment, the ANN is a nonlinear classifier having three layers with the middle layer being hidden. In one example, input net has 32 values, the middle net has 6 values, and the output net has 2 values.
[0114] In block 680, a new threshold is computed. In one embodiment, the threshold may simply be computed by adding the new score point, and determining a new distribution. In another embodiment, new scores for the previously calculated signature may be determined based on the new reference signature, and the new distribution can be calculated. This threshold may then be used for the next input signature that is received.
[0115] In one embodiment, the threshold is updated after the change of distribution of scores reaches a significant level compared to the distribution that was previously used to calculate the threshold. In one aspect, the change is the normalized difference at each score. Such a change may occur after scores of signature of many new swipes have been included in the distribution.
[0116] When 670 and 680 are used together, a degradation of the magnetic stripe may be accounted for. As mentioned above, over time, a magnetic stripe may have certain magnetic particles dislodged or removed, for example, by scratches. This could alter a signature. If the reference signature stayed the same, then it would be more difficult to distinguish a different card (in effect that card has become different due to the decay).
[0117] The decay may be seen as a shifting to the left of the distribution 530 of FIG. 5. The threshold could change, but the amount of false positives or negatives would still increase, resulting in less accuracy. By using block 670, the distribution 530 can be made to stay further right, thus giving a better separation from distributions resulting from different cards.
[0118] To illustrate the benefits of embodiments described herein, a simulation was performed where noise was added to signatures. Distributions using updated reference signatures and without updating the reference signature were compared.
[0119] In the simulation, a reference signature was chosen from a swipe of a card. For 50 iterations, noise was added to the reference signature. For each iteration, some amount of noise was added by randomly choosing a value in {-2, -1 , 1 , 2} and adding that one value to the signature at 5 random positions. Signatures for different cards (i.e. not the reference card) were obtained by swiping those cards. No noise was added to these signatures of the different.
[0120] FIG. 7 is a histogram 700 showing a score distribution of a simulation using a bit-by-bit comparison of binary numbers obtained from digital samples of the magnetic signature. The X axis relates a score from 0 to 200, with 200 being the best match. The Y axis is the number of signatures that had a particular score. Each of the scores is computed from the original reference signature, i.e. before adding noise to simulate additional swipes.
[0121] The scores 720 (dark data points) show the scores from different cards than the reference card. As one can see, the scores 720 are generally clustered to the left of a threshold 710, which was calculated using to minimize the false positives and false negatives (also termed the overlap). However, there are a few scores that are present to the right of the threshold 710, which is at a score of 117.
[0122] The scores 730 (lighter data points) are the scores from the signatures where noise was added to the reference signature. The scores 730 are generally clustered to the right of the threshold 710. However, there are a few that are present to the left of the threshold 710. The overlap is 16, thus there is a noticeable level of inaccuracy.
[0123] FIG. 8 is a histogram 800 showing a score distribution of a simulation where scores are calculated according to an embodiment of the present invention. The X axis and the Y axis are the same as in plot 700. The scores are calculated using an LDCT representation of the magnetic signature. The scores are also calculated using a reference signature that was updated from the original reference signature.
[0124] As one can see, the scores 820 (dark data points) from different cards are all clustered to the left of a threshold 810. The threshold 810 is based on the scores shown. Notice that there are no points that are present to the right of the threshold 810, meaning no false positives.
[0125] The scores 830 (light data points) are the scores from the signatures where noise was added to the reference signature. These scores are all clustered to the right of the threshold 810. There are no points that are present to the left of the threshold 810, which is at 112. Here all of the points are categorized accurately, as shown by a zero overlap.
[0126] FIG. 9 shows an exemplary system 20 according to an embodiment of the invention. Other systems according to other embodiments of the invention may include more or less components than are shown in FIG. 9.
[0127] The system 20 shown in FIG. 9 includes a merchant 22 and an acquirer 24 associated with the merchant 22. In a typical payment transaction, a consumer 30 may purchase goods or services at the merchant 22 using a portable consumer device 32, such as a debit card, credit card, and a smartcard. The merchant 22 could be a physical brick and mortar merchant or an e-merchant.
[0128] The consumer may interact with the payment processing network 26 and the merchant through an access device 34, such as a point of sale (POS) terminal, personal computer, and a mobile phone. The merchant 22 may also have, or may receive communications from, an access device 34 that can interact with the portable consumer device 32. The access device 34 may be part of, be, or include a computing device that includes a processor that calculates the representation of the magnetic signature for sending to an authentication device. The access device 34 may also include the authentication device.
[0129] Conventionally, an authorization request message, which may include the representation of the magnetic signature, is then forwarded to the acquirer 24, and then sent to the payment processing network 26, which may include the authentication device. The payment processing network 26 then forwards the authorization request message to the issuer 28 of the portable consumer device 32, who sends an authorization response message back to the payment processing network 26 to indicate whether or not the current transaction is authorized. Any of the entities herein (e.g. acquirer 24, payment processing network 26, or the issuer 28) may implement embodiments for authenticating a card (or other document).
[0130] For example, the payment processing network 26 may perform an authentication check, determine an authentication score, and devise a risk value, which may be based on other factors than the authentication of the magnetic signature. In this case, the authentication device may be any one or more computers in the payment processing network 26. The issuer then may use the risk value to determine whether or not the transaction is to be authorized. In another embodiment, the payment processing network 26 may determine that the card is not authenticated and then send a denial to the merchant 22 without ever contacting the issuer 28.
[0131] The payment processing network 26 can forward the authorization response message back to the acquirer 24, who then sends the response message back to the merchant 22. After the merchant 22 receives the authorization response message, the access device 34 at the merchant 22 may then provide the authorization response message for the consumer 30. The response message may be displayed by the access device 34 or the portable consumer device 32, or may be printed out on a receipt. The response message may include a denial for a transaction based on the card not being authenticated. [0132] At the end of the day, a normal clearing and settlement process can be conducted by the payment processing network 26. A clearing process is a process of exchanging financial details between and acquirer and an issuer to facilitate posting to a consumer's account and reconciliation of the consumer's settlement position.
[0133] As used herein, an "acquirer" is typically a business entity, e.g., a commercial bank that has a business relationship with a particular merchant or an ATM. An "issuer" is typically a business entity (e.g., a bank) which issues a portable consumer device such as a credit or debit card to a consumer. Some entities can perform both issuer and acquirer functions. Embodiments of the invention encompass such single entity issuer-acquirers.
[0134] The consumer 30 may be an individual, or an organization such as a business that is capable of purchasing goods or services. In other embodiments, the consumer 30 may simply be a person who wants to conduct some other type of transaction such as a money transfer transaction or a transaction at an ATM.
[0135] The portable consumer device 32 may be in any suitable form. For example, suitable portable consumer devices can be hand-held and compact so that they can fit into a consumer's wallet and/or pocket (e.g., pocket-sized). They may include smart cards, ordinary credit or debit cards (with a magnetic strip and without a microprocessor), etc. Other examples of portable consumer devices include, payment cards, security cards, and access cards, and the like. The portable consumer devices can also be debit devices (e.g., a debit card), credit devices (e.g., a credit card), or stored value devices (e.g., a stored value card).
[0136] The access devices 34 according to embodiments of the invention can be in any suitable form. Examples of access devices include point of sale (POS) devices, cellular phones, PDAs, personal computers (PCs), tablet PCs, handheld specialized readers, set-top boxes, electronic cash registers (ECRs), automated teller machines (ATMs), virtual cash registers (VCRs), kiosks, security systems, access systems, and the like.
[0137] If the access device 34 is a point of sale terminal, any suitable point of sale terminal may be used including card readers. The card readers may include any suitable contact or contactless mode of operation. For example, exemplary card readers can include RF (radio frequency) antennas, magnetic stripe readers, etc. to interact with the portable consumer devices 32.
[0138] The payment processing network 26 may include data processing subsystems, networks, and operations used to support and deliver authorization services, exception file services, and clearing and settlement services. An exemplary payment processing network may include VisaNet™. Payment processing networks such as VisaNet™ are able to process credit card transactions, debit card transactions, and other types of commercial transactions. VisaNet™, in particular, includes a VIP system (Visa Integrated Payments system) which processes authorization requests and a Base Il system which performs clearing and settlement services.
[0139] The payment processing network 26 may include a server computer. A server computer is typically a powerful computer or cluster of computers. For example, the server computer can be a large mainframe, a minicomputer cluster, or a group of servers functioning as a unit. In one example, the server computer may be a database server coupled to a Web server. The payment processing network 26 may use any suitable wired or wireless network, including the Internet. The issuer 28 may be a bank or other organization that may have an account associated with the consumer 30. The issuer 28 may operate a server.
[0140] Embodiments of the invention are not limited to the above-described embodiments. For example, although separate functional blocks are shown for an issuer, payment processing network, and acquirer, some entities perform all or any suitable combination of these functions and may be included in embodiments of invention. Additional components may also be included in embodiments of the invention.
[0141] FIG. 10 shows components or subsystems of a computer apparatus that may be used to perform or be parts of embodiments of the present invention. For example, such components or any subset of such components may be present in various components shown in FIG. 9, including the access device 34, server computers 26(a), 28(a), etc. The subsystems shown in FIG. 10 are interconnected via a system bus 1075. Additional subsystems such as a printer 1074, keyboard 1078, fixed disk 1079, monitor 1076, which is coupled to display adapter 1082, and others are shown. Peripherals and input/output (I/O) devices, which couple to I/O controller 1071 , can be connected to the computer system by any number of means known in the art, such as serial port 1077. For example, serial port 1077 or external interface 1081 can be used to connect the computer apparatus to a wide area network such as the Internet, a mouse input device, or a scanner. The interconnection via system bus 1075 allows the central processor 1073 to communicate with each subsystem and to control the execution of instructions from system memory 1072 or the fixed disk 1079, as well as the exchange of information between subsystems. The system memory 1072 and/or the fixed disk 1079 may embody a computer readable medium.
[0142] In one embodiment, the access device 34 (such as mobile phone) stores a reference signature. Thus, the access device may perform the comparison and provide a measure of authenticity.
[0143] FIG. 11 is a flowchart of a method 1100 for authenticating a document having a magnetic stripe using a portable device according to an embodiment of the present invention. The portable device is any electronic device that a consumer can carry, such as a mobile phone, an mp3 player, camera, etc.
[0144] In step 1110, the magnetic stripe of a document (e.g. a card) is scanned using the portable device to create digital samples. The creation of the digital samples may be done as described in steps 410 and 420 for method 400. In this method, the portable device includes a magnetic read head.
[0145] In step 1120, a processor of the portable device calculates a plurality of expansion coefficients of a set of continuous basis functions based on the digital samples. As mentioned above, the expansion coefficients may be determined by performing a transform (e.g. a fast Fourier transform, or LDCT) on the digital sample values. Other fitting or optimization algorithms may also be used to determine the best or suitable coefficients that when coupled with the basis functions provide the approximate values of the digital samples. In one aspect, this processor is or is part of an authentication device as described herein.
[0146] In step 1130, the calculated expansion coefficients are compared to reference expansion coefficients that are stored on the portable device. The comparison may occur similarly as described for step 470 of method 400. The reference expansion coefficients may be stored in a memory that is not user accessible. In this manner, someone could not counterfeit a credit card and store the reference signature of the counterfeit card on a portable device. One skilled in the art will appreciate the different ways that this may be accomplished.
[0147] In one embodiment, a phone company or other wireless provider can write a reference signature to the phone. The data may be encrypted and the memory location not identifiable to a user of the portable device. A payment processing network may also be given instructions on how to access the reference number. In this manner, the payment processing network may be able to update the reference signature.
[0148] The comparison of the expansion coefficients may be performed by the same processor that calculates the expansion coefficients. In another embodiment, a different processor, which may be more secure, may be used. This processor (e.g. an application specific circuit) may be dedicated specifically to this comparison function. This processor also may be configured to be the only device that can read the reference signature.
[0149] In step 1140, based on the comparison, a measure of the authenticity of the document is provided. The measure of authenticity may be of any form as described herein, e.g. for step 480 of method 400.
[0150] In some embodiments, the authentication of the document (e.g. a credit card) is part of an overall process of authorizing a transaction using an account associated with the document. In such embodiments, the steps below may be performed.
[0151] In step 1150, a request for authorization is sent. In one embodiment, the authorization request is sent from the portable device. For example, the mobile phone may send an SMS (short messaging system) message or make a network connection (e.g. using the Internet) to an authorizing entity (such as a payment processing network or an issuer of the account). The authorization request can include the measure of authenticity or any result using the measure, such as a binary result based on a comparison with a threshold value. [0152] In another embodiment, the portable device may transmit a measure of authenticity to an access device (e.g. POT terminal) associated with the transaction, such as at a retail store. The access device may then submit the authorization request. In one embodiment, the transmission may occur through a physical connection, such as a cable. In another embodiment, the portable device may have a contactless element that can wirelessly transmit data to a receiver on the POT terminal. Different wireless protocols such as infrared, Bluetooth, Wi-Fi, and others may be used.
[0153] In step 1160, a response to the authorization request may be received. In one embodiment, the response is received at the portable device. In another embodiment, the response is received at another device, such as at a display of a store, which may occur even when the request is sent by the portable device. If the transaction is authorized, the store may then provide a good or service to the consumer.
[0154] An exemplary portable device 32' in the form of a phone may comprise a computer readable medium and a body as shown in FIG. 12. (FIG. 12 shows a number of components, and the portable consumer devices according to embodiments of the invention may comprise any suitable combination or subset of such components.) The computer readable medium 32(b) may be present within the body 32(h), or may be detachable from it. The body 32(h) may be in the form a plastic substrate, housing, or other structure. The computer readable medium 32(b) may be a memory that stores data and may be in any suitable form including a magnetic stripe, a memory chip, etc. The memory preferably stores information such as financial information, transit information (e.g., as in a subway or train pass), access information (e.g., as in access badges), etc. The memory may also store the reference expansion coefficients or other digital representation of the magnetic characteristic. Note that the memory may be made of multiple modules or circuits. Financial information may include information such as bank account information, bank identification number (BIN), credit or debit card number information, account balance information, expiration date, consumer information such as name, date of birth, etc. Any of this information may be transmitted by the portable consumer device 32. [0155] The portable consumer device 32 may further include a contactless element 32(g), which is typically implemented in the form of a semiconductor chip (or other data storage element) with an associated wireless transfer (e.g., data transmission) element, such as an antenna. Contactless element 32(g) is associated with (e.g., embedded within) portable consumer device 32 and data or control instructions transmitted via a cellular network may be applied to contactless element 32(g) by means of a contactless element interface (not shown). The contactless element interface functions to permit the exchange of data and/or control instructions between the mobile device circuitry (and hence the cellular network) and an optional contactless element 32(g).
[0156] Contactless element 32(g) is capable of transferring and receiving data using a near field communications ("NFC") capability (or near field communications medium) typically in accordance with a standardized protocol or data transfer mechanism (e.g., ISO 14443/NFC). Near field communications capability is a short- range communications capability, such as RFID, Bluetooth™, infra-red, or other data transfer capability that can be used to exchange data between the portable device 32 and an interrogation device. Thus, the portable device 32 is capable of communicating and transferring data and/or control instructions via both cellular network and near field communications capability.
[0157] The portable device 32 may also include a processor 32(c) (e.g., a microprocessor) for processing the functions of the portable device 32 and a display 32(d) to allow a consumer to see phone numbers and other information and messages. The portable device 32 may further include input elements 32(e) to allow a consumer to input information into the device, a speaker 32(f) to allow the consumer to hear voice communication, music, etc., and a microphone 32(i) to allow the consumer to transmit her voice through the portable consumer device 32. The portable electronic device 32 may also include an antenna 32(a) for wireless data transfer (e.g., data transmission).
[0158] The portable device 32 may also be used to identify the cardholder for a transaction.
[0159] FIG. 13 is a flowchart of a method for identifying the identity of a cardholder according to an embodiment of the present invention. A portable electronic device such as device 32 stores a digital representation of the magnetic characteristic. The digital representation may be of any form, e.g., expansion coefficients, a binary number, or any other form mentioned herein.
[0160] The portable device is associated with the cardholder. This association may be performed by the cardholder registering the phone with an entity associated with the card, such as the issuer of the card or a payment processing network associated with the card. For example, the user may be required to call or text message a particular number, e.g., when activating the card. The registration may be performed or required at a retail facility.
[0161] Upon this registration, the digital representation may be downloaded to a memory of the portable device (e.g. a phone). The memory (or at least a specific portion of the memory) may be configured to have secured access, .e.g., a specific code (such as key) or hardware may be required to write or read to the memory. The digital representation may also be determined from a scan of the card by the portable device or by another device and then sent to the portable device (e.g. when the two devices are in close proximity).
[0162] In step 1310, a request is received to verify the identity of a person as being the cardholder. The request may be received via any wired, but preferably wireless logic. In one embodiment, the request is sent by the other entity (or an electronic device of the other entity) involved in the transaction. For example, a POS terminal may send a request to a phone of the person attempting to make a purchase or other transaction. In another embodiment, the request is sent from the other entity to the issuer or payment processing network, which then transmits a request to the portable device.
[0163] In step 1320, the portable device accesses the memory to retrieve the digital representation of the magnetic characteristic of the magnetic stripe of the card. The access may achieved in any number of secure ways. For example, the issuer or payment processing network may send a location of the digital representation, so that the portable device may access a particular part of memory. In other words, the operating system or other application of the portable device may not know how to retrieve the data without the location information. [0164] In step 1330, the digital representation is transmitted. In one embodiment, the digital representation is transmitted to the other entity in the transaction (e.g. the merchant). The representation may be encrypted so that the other entity is not able to determine the values of the digital representation. In another embodiment, the digital representation is transmitted to the issuer, payment processing network, acquirer, or other entity that has access to a reference representation of the magnetic characteristic.
[0165] In step 1340, the digital representation is received at the entity that has the digital representation. As mentioned above, the digital representation may be received directly from the portable device or through another device (e.g. via a POS terminal).
[0166] In step 1350, the digital representation is compared to a reference representation. For example, the reference representation may be the exact values that were originally downloaded to the portable device. In one embodiment, the current scan (i.e. a current representation) of the card is also compared against the reference representation. This current scan may be sent in a same message from the portable device or from another electronic device.
[0167] In step 1360, a response to the identity verification is sent. In one embodiment, the response is a true or false (i.e. binary) result as to whether the digital representation from the portable device is the same as the reference representation. The response may be sent to the other electronic device (such as a POS terminal) or to another electronic device associated with the other entity in the transaction.
[0168] Embodiments of the invention provide for a number of advantages. For example, less bandwidth (while no compromising accuracy) is required since the data points are transformed to a function space that can more efficiently describe the magnetic characteristic (i.e. fingerprint, signature). Also, embodiments account for the degradation of a card, thus maintaining accuracy over time.
[0169] The specific details of the specific aspects of the present invention may be combined in any suitable manner without departing from the spirit and scope of embodiments of the invention. However, other embodiments of the invention may be directed to specific embodiments relating to each individual aspects, or specific combinations of these individual aspects.
[0170] It should be understood that the present invention as described above can be implemented in the form of control logic using computer software in a modular or integrated manner. Based on the disclosure and teachings provided herein, a person of ordinary skill in the art will know and appreciate other ways and/or methods to implement the present invention using hardware and a combination of hardware and software
[0171] Any of the software components or functions described in this application, may be implemented as software code to be executed by a processor using any suitable computer language such as, for example, Java, C++ or Perl using, for example, conventional or object-oriented techniques. Computer programs incorporating features of the present invention may be encoded on various computer readable media for storage and/or transmission; suitable media include magnetic disk or tape, optical storage media such as compact disk (CD) or DVD (digital versatile disk), flash memory, and the like. The computer readable medium may be any combination of such storage or transmission devices.
[0172] Such programs may also be encoded and transmitted using carrier signals adapted for transmission via wired, optical, and/or wireless networks conforming to a variety of protocols, including the Internet. As such, a computer readable medium according to an embodiment of the present invention may be created using a data signal encoded with such programs. Computer readable media encoded with the program code may be packaged with a compatible device or provided separately from other devices (e.g., via Internet download). Any such computer readable medium may reside on or within a single computer program product (e.g. a hard drive or an entire computer system), and may be present on or within different computer program products within a system or network.
[0173] The above description is illustrative and is not restrictive. Many variations of the invention will become apparent to those skilled in the art upon review of the disclosure. The scope of the invention should, therefore, be determined not with reference to the above description, but instead should be determined with reference to the pending claims along with their full scope or equivalents. [0174] A recitation of "a", "an" or "the" is intended to mean "one or more" unless specifically indicated to the contrary.
[0175] All patents, patent applications, publications, and descriptions mentioned above are herein incorporated by reference in their entirety for all purposes. None is admitted to be prior art.

Claims

WHAT IS CLAIMED IS:
1. A method for authenticating a document that includes a magnetic stripe having a distinct magnetic characteristic, wherein the magnetic characteristic exists over one or more predetermined segments of the magnetic stripe, the method comprising: receiving, at an authentication device, a set of expansion coefficients corresponding a set of continuous basis functions, wherein the expansion coefficients are based on digital samples of an analog signal representative of the magnetic characteristic; comparing the received expansion coefficients to reference expansion coefficients; and based on the comparison, providing a measure of an authenticity of the document.
2. The method of claim 1 , further comprising: calculating new reference expansion coefficients using the received reference coefficients.
3. The method of claim 2, wherein calculating new reference expansion coefficients involves using an optimization algorithm.
4. The method of claim 3, wherein the optimization algorithm minimizes a total error resulting from comparing a plurality of sets of received expansion coefficients to the new reference expansion coefficients or maximizes the measure of authenticity for a plurality of sets of received expansion coefficients compared to the new reference expansion coefficients.
5. The method of claim 3, wherein the optimization algorithm uses an artificial neural network.
6. The method of claim 1 , wherein comparing the calculated expansion coefficients to reference expansion coefficients includes: taking a difference between each of the received expansion coefficients and a corresponding one of the reference expansion coefficients.
7. The method of claim 6, wherein providing a measure of the authenticity of the document includes: calculating a sum of the differences between the received expansion coefficients and the reference expansion coefficients.
8. The method of claim 1 , further comprising: comparing the measure to at least one threshold value to determine a categorization of the document.
9. The method of claim 8, wherein the categorization is selected from a group including: the document is not authentic; and the document is authentic.
10. The method of claim 8, further comprising: using the measure to determine a distribution of measures associated with the authentic document; and updating the threshold value using the distribution.
11. The method of claim 10, further comprising receiving one or more additional sets of expansion coefficients, wherein the threshold is updated after a change of the distribution of measures reaches a predetermined level.
12. The method of claim 1 , further comprising: using the measure of authenticity to determine a risk level for a transaction involving an account associated with the document.
13. The method of claim 12, wherein the set of expansion coefficients are received as part of a request for authorizing the transaction.
14. A computer program product comprising a computer readable medium encoded with a plurality of instructions for controlling a computing system to perform a method for authenticating a document that includes a magnetic stripe having a distinct magnetic characteristic, wherein the magnetic characteristic occurs over one or more predetermined segments of the magnetic stripe, the instructions comprising: receiving a set of expansion coefficients corresponding a set of continuous basis functions, wherein the expansion coefficients are based on digital samples of an analog signal representative of the magnetic characteristic; comparing the received expansion coefficients to reference expansion coefficients; and based on the comparison, providing a measure of an authenticity of the document.
15. The computer program product of claim 14, wherein the instructions further comprise: calculating new reference expansion coefficients using the received reference coefficients.
16. A system for authenticating a document that includes a magnetic stripe having a distinct magnetic characteristic, wherein the magnetic characteristic occurs over one or more predetermined segments of the magnetic stripe, the system comprising: an input for receiving a set of expansion coefficients corresponding to a set of continuous basis functions, wherein the expansion coefficients are based on digital samples of an analog signal representative of the magnetic characteristic; a processor communicably coupled with the input, the processor configured to: compare the received expansion coefficients to reference expansion coefficients; and based on the comparison, provide a measure of an authenticity of the document.
17. The system of claim 16, wherein the processor is further configured to calculate new reference expansion coefficients using the received reference coefficients.
18. The system of claim 16, wherein the processor is further configured to use the measure of authenticity to determine a risk level for a transaction involving an account associated with the document.
19. The system of claim 18, wherein the set of expansion coefficients are received as part of a request for authorizing the transaction.
20. The system of claim 16, wherein the processor is further configured to compare the measure to at least one threshold value to determine a categorization of the document.
21. A method for authenticating a document that includes a magnetic stripe having a distinct magnetic characteristic, wherein the magnetic characteristic occurs over one or more predetermined segments of the magnetic stripe, the method comprising: receiving, at a processor of a computing device, a plurality of digital samples of an analog signal representative of the magnetic characteristic; calculating, with the processor, a plurality of expansion coefficients of a set of continuous basis functions based on the digital samples; and sending at least a portion of the expansion coefficients to an authentication device that compares the portion of the calculated expansion coefficients to reference expansion coefficients to obtain a measure of the authenticity of the document.
22. The method of claim 21 , wherein the portion of the expansion coefficients is the first N coefficients in the expansion, where N is an integer less than the number of digital samples.
23. The method of claim 21 , wherein the continuous basis functions include oscillating functions.
24. The method of claim 23, wherein the continuous basis functions include a cutoff function corresponding to one or more of the segments.
25. The method of claim 24, wherein the continuous basis functions include a local discrete cosine transform.
26. The method of claim 21 , wherein each of the basis functions includes a continuous function that spans all of the predetermined segments.
27. The method of claim 21 , wherein the magnetic stripe has one or more additional distinct magnetic characteristics, each occurring over one or more additional predetermined segments of the magnetic stripe, further comprising: for each of the additional distinct magnetic characteristics, repeating receiving the digital samples, calculating expansion coefficients, and sending the expansion coefficients.
28. The method of claim 21 , wherein the computing device is part of a document scanning device.
29. The method of claim 28, further comprising: scanning the magnetic stripe to create an analog signal; and sampling the analog signal to create the digital samples.
30. The method of claim 28, wherein the document scanning device is a card reader at a point of transaction terminal.
31. The method of claim 30, wherein sending the expansion coefficients to an authentication device is performed over a network.
32. A computer program product comprising a computer readable medium encoded with a plurality of instructions for controlling a computing system to perform a method for authenticating a document that includes a magnetic stripe having a distinct magnetic characteristic, wherein the magnetic characteristic occurs over one or more predetermined segments of the magnetic stripe, the instructions comprising: receiving a plurality of digital samples of an analog signal representative of the magnetic characteristic; calculating a plurality of expansion coefficients of a set of continuous basis functions based on the digital samples; and sending at least a portion of the expansion coefficients to an authentication device that compares the portion of the calculated expansion coefficients to reference expansion coefficients to obtain a measure of the authenticity of the document.
33. A system for authenticating a document that includes a magnetic stripe having a distinct magnetic characteristic, wherein the magnetic characteristic occurs over one or more predetermined segments of the magnetic stripe, the system comprising: an input for receiving a plurality of digital samples of an analog signal representative of the magnetic characteristic; and a processor communicably coupled with the input, the processor configured to: calculate expansion coefficients of a set of continuous basis functions based on the digital samples; and send at least a portion of the expansion coefficients to an authentication device that compares the portion of the calculated expansion coefficients to reference expansion coefficients to obtain a measure of the authenticity of the document.
34. The system of claim 33, further comprising: a scanner having a read head for creating an analog signal representing the magnetic stripe; and an analog to digital converter for sampling the analog signal to create the digital samples.
35. The system of claim 33, wherein the system is a mobile phone.
36. The system of claim 33, wherein the at least a portion of the expansion coefficients are sent to an authentication device using a mobile phone network to which a user of the mobile phone subscribes.
37. A portable device for authenticating a document that includes a magnetic stripe having a distinct magnetic characteristic, wherein the magnetic characteristic occurs over one or more predetermined segments of the magnetic stripe, the portable device comprising: an input for receiving a plurality of digital samples of an analog signal representative of the magnetic characteristic; and one or more processors communicably coupled with the input, the processor configured to: calculate expansion coefficients of a set of continuous basis functions based on the digital samples; compare the expansion coefficients to reference expansion coefficients; and based on the comparison, provide a measure of an authenticity of the document.
38. The portable device of claim 64, further comprising: a memory that stores the reference expansion coefficients.
39. The portable device of claim 64, further comprising: a contactless element for transmitting a measure of authenticity.
40. The portable device of claim 64, wherein the contactless element is configured to transmit, over a network, the measure of authenticity or a result based on the measure of authenticity to a payment processing network.
41. The portable device of claim 64, wherein the contactless element is configured to transmit the measure of authenticity or a result based on the measure of authenticity to a point of transaction terminal.
42. The portable device of claim 64, further comprising: a scanner having a read head for creating an analog signal representing the magnetic stripe; and an analog to digital converter for sampling the analog signal to create the digital samples.
43. A method for authenticating a document that includes a magnetic stripe having a distinct magnetic characteristic, wherein the magnetic characteristic exists over one or more predetermined segments of the magnetic stripe, the method comprising: receiving, at an authentication device, a set of values representing the magnetic characteristic; comparing the received values to reference values, wherein comparing includes: determining an error for each received value, wherein each error includes a sum of contributions, each corresponding to a different set of previously received values representing the magnetic characteristic; and based on the comparison, providing a measure of an authenticity of the document.
44. The method of claim 43, wherein each contribution includes a difference between a received value and a corresponding value of a respective set of previously received values.
45. The method of claim 44, wherein each contribution includes a respective weighting factor multiplied by a corresponding difference.
46. The method of claim 43, wherein determining an error for each received value includes: calculating a sum of the corresponding values of the previously received sets; and determining a difference between the received value and the corresponding sum.
47. The method of claim 43, further comprising: comparing the measure to a threshold to determine a category of authenticity of the documents; and updating the threshold based on the received values.
48. The method of claim 47, further comprising receiving one or more additional sets of expansion coefficients, wherein the threshold is updated after a change of a distribution of measures reaches a predetermined level.
49. The method of claim 43, further comprising: calculating new reference values using the received values.
50. The method of claim 49, wherein calculating new reference values involves using an optimization algorithm.
51. The method of claim 50, wherein the optimization algorithm minimizes a total error resulting from comparing a plurality of sets of received values to the new reference values or maximizes the measure of authenticity for a plurality of sets of received values compared to the new reference values.
52. The method of claim 49, wherein the received values used to calculate the new reference values are received values for a document that has been authenticated.
53. The method of claim 52, wherein the new reference values are created after N authentic input signatures have been received.
54. A computer program product comprising a computer readable medium encoded with a plurality of instructions for controlling a computing system to perform a method for authenticating a document that includes a magnetic stripe having a distinct magnetic characteristic, wherein the magnetic characteristic occurs over one or more predetermined segments of the magnetic stripe, the instructions comprising: receiving a set of values representing the magnetic characteristic; comparing the received values to reference values, wherein comparing includes: determining an error for each received value, wherein each error includes a sum of contributions, each corresponding to a different set of previously received values representing the magnetic characteristic; and based on the comparison, providing a measure of an authenticity of the document.
55. The computer program product of claim 54, wherein each contribution includes a difference between a received value and a corresponding value of a respective set of previously received values.
56. The computer program product of claim 54,wherein determining an error for each received value includes: calculating a sum of the corresponding values of the previously received sets; and determining a difference between the received value and the corresponding sum.
57. The computer program product of claim 54,further comprising: comparing the measure to a threshold to determine a category of authenticity of the documents; and updating the threshold based on the received values.
58. The computer program product of claim 54, further comprising: calculating new reference values using the received values.
59. A system for authenticating a document that includes a magnetic stripe having a distinct magnetic characteristic, wherein the magnetic characteristic occurs over one or more predetermined segments of the magnetic stripe, the system comprising: an input for receiving a set of values representing the magnetic characteristic; a processor communicably coupled with the input, the processor configured to: compare the received values to reference values, wherein the comparing includes: determining an error for each received value, wherein each error includes a sum of contributions, each corresponding to a different set of previously received values; and based on the comparison, providing a measure of an authenticity of the document.
60. The system of claim 59, wherein each contribution includes a difference between a received value and a corresponding value of a respective set of previously received values.
61. The system of claim 59, wherein determining an error for each received value includes: calculating a sum of the corresponding values of the previously received sets; and determining a difference between the received value and the corresponding sum.
62. The system of claim 59, wherein the processor is further configured to: comparing the measure to a threshold to determine a category of authenticity of the documents; and updating the threshold based on the received values.
63. The system of claim 59, wherein the processor is further configured to: calculate new reference values using the received values.
64. A portable device for verifying an identity of a cardholder during a transaction involving a card, the portable device comprising: a memory that stores a digital representation of a distinct magnetic characteristic of a magnetic stripe of the card, wherein the magnetic characteristic occurs over one or more predetermined segments of the magnetic stripe; input logic for receiving a request for verification of the identify of the cardholder; and output logic for transmitting the digital representation to another electronic device in response to receiving the request.
65. The portable device of claim 64, wherein the output logic is configured to encrypt the digital representation before transmitting.
66. The portable device of claim 64, wherein the another electronic device is an originator of the request for the verification.
67. The portable device of claim 64, further comprising: logic for receiving the digital representation from an entity associated with an issuer of the card and storing the digital representation in the memory.
68. The portable device of claim 67, wherein the entity associated with an issuer of the card is a payment processing network for the transaction.
69. The portable device of claim 67, wherein the another electronic device is associated with the entity associated with an issuer of the card.
70. The portable device of claim 67, wherein a portion of the memory that stores the digital representation is secured against access by other entities other than the entity associated with an issuer of the card.
71. The portable device of claim 64, further comprising: an input for receiving a plurality of digital samples of an analog signal representative of the magnetic characteristic; and logic to determine the digital representation.
72. The portable device of claim 71 , wherein the logic to determine the digital representation includes one or more processors communicably coupled with the input, the processor configured to: calculate expansion coefficients of a set of continuous basis functions based on the digital samples to determine the digital representation.
73. The portable device of claim 64, wherein the digital representation includes reference expansion coefficients that are used to determine whether another digital representation originated from the card.
74. The portable device of claim 64, wherein the portable device is a phone.
75. A method of verifying an identity of a cardholder during a transaction involving a card, the method comprising: receiving, at a portable electronic device of the cardholder, a request for verification of the identify of the cardholder; accessing a memory of the portable electronic device that stores a digital representation of a distinct magnetic characteristic of a magnetic stripe of the card, wherein the magnetic characteristic occurs over one or more predetermined segments of the magnetic stripe; and transmitting the digital representation to another electronic device in response to receiving the request.
76. The method of claim 75, further comprising: receiving, at the portable electronic device, the digital representation from an entity associated with an issuer of the card.
77. The method of claim 76, wherein the entity associated with an issuer of the card is a payment processing network for the transaction.
78. The method of claim 76, wherein the another electronic device is associated with the entity associated with an issuer of the card.
79. The method of claim 76, wherein a portion of the memory that stores the digital representation is secured against access by other entities other than the entity associated with an issuer of the card.
80. The method of claim 75, further comprising: receiving, at the portable electronic device, a plurality of digital samples of an analog signal representative of the magnetic characteristic; and determining the digital representation.
81. The method of claim 80, wherein determining the digital representation includes calculating expansion coefficients of a set of continuous basis functions based on the digital samples to determine the digital representation.
82. The method of claim 75, wherein the digital representation includes reference expansion coefficients that are used to determine whether another digital representation originated from the card.
83. A method of verifying an identity of a cardholder during a transaction involving a card, the method comprising: receiving, at a system of an entity associated with an issuer of the card, a digital representation of a distinct magnetic characteristic of a magnetic stripe of the card, wherein the magnetic characteristic occurs over one or more predetermined segments of the magnetic stripe, and wherein the digital representation is sent from a portable electronic device of the cardholder in response to a request for identity verification; comparing the digital representation to a reference representation; and based on the comparison, sending a response for the verification request to a requesting device that made the request for the identity verification.
84. The method of claim 83, wherein the digital representation is received from the requesting device, wherein the requesting device receives the digital representation from the portable electronic device.
85. The method of claim 83, wherein the entity associated with an issuer of the card is a payment processing network for the transaction.
86. The method of claim 83, further comprising: prior to the request for identity verification being made, transmitting the digital representation from the system of the entity associated with the issuer of the card to the portable electronic device.
87. The method of claim 86, wherein a portion of the memory that stores the digital representation is secured against access by other entities other than the entity associated with an issuer of the card.
88. The method of claim 83, further comprising: receiving a plurality of expansion coefficients created from a sampling of the magnetic stripe, wherein the response for the verification request is also based on the expansion coefficients.
89. The method of claim 88, wherein the digital representation includes reference expansion coefficients that are used to determine whether the expansion coefficients were created from the card.
EP09828284A 2008-11-21 2009-11-20 Authentication of documents having a magnetic stripe Withdrawn EP2359316A4 (en)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US12/276,227 US9027831B2 (en) 2008-11-21 2008-11-21 Updating of reference magnetic signature for authenticating a document with a magnetic stripe
US12/276,212 US7967203B2 (en) 2008-11-21 2008-11-21 Authenticating a document with a magnetic stripe
US12/276,095 US8118220B2 (en) 2008-11-21 2008-11-21 Verifying cardholder identity using signature of the card
US12/276,224 US8104677B2 (en) 2008-11-21 2008-11-21 Authentication of documents having magnetic stripe
PCT/US2009/065303 WO2010059929A2 (en) 2008-11-21 2009-11-20 Authentication of documents having a magnetic stripe

Publications (2)

Publication Number Publication Date
EP2359316A2 true EP2359316A2 (en) 2011-08-24
EP2359316A4 EP2359316A4 (en) 2012-08-29

Family

ID=42198820

Family Applications (1)

Application Number Title Priority Date Filing Date
EP09828284A Withdrawn EP2359316A4 (en) 2008-11-21 2009-11-20 Authentication of documents having a magnetic stripe

Country Status (5)

Country Link
EP (1) EP2359316A4 (en)
AU (1) AU2009316464A1 (en)
BR (1) BRPI0921998A2 (en)
CA (1) CA2744535A1 (en)
WO (1) WO2010059929A2 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105427446A (en) * 2015-11-06 2016-03-23 东方通信股份有限公司 Authentic identification method for paper money based on magnetic signal
CN110363483B (en) * 2019-07-22 2022-05-03 西南交通大学 Sample expansion and checking method based on shared platform freight trip data
US20220145345A1 (en) 2020-11-11 2022-05-12 Microsoft Technology Licensing, Llc Spatial control of polynucleotide synthesis by strand capping

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5254843A (en) * 1991-08-07 1993-10-19 Hynes John E Securing magnetically encoded data using timing variations in encoded data
US20030219145A1 (en) * 2002-04-09 2003-11-27 Smith Joshua R. System and method for authentication of a workpiece using three dimensional shape recovery
US20030225708A1 (en) * 2002-06-04 2003-12-04 Bottomline Technologies (De) Inc. System and method for producing and verifying secure negotiable instruments
US20050006472A1 (en) * 2003-03-19 2005-01-13 Verschuur Gerrit L. Media verification system
FR2902548A1 (en) * 2006-06-14 2007-12-21 Guillaume Poizat PROCESS FOR TRACEABILITY OF PRODUCTS WITHOUT ADDING OR MODIFYING THE MATERIAL USING A DIGITAL SIGNATURE OBTAINED FROM ONE OR MORE INTRINSIC CHARACTERISTICS OF THE PRODUCT

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6899269B1 (en) * 1998-07-22 2005-05-31 Mag-Tek, Inc. Magnetic stripe authentication and verification system
US7478751B2 (en) * 1998-07-22 2009-01-20 Magtek, Inc. Method and apparatus for authenticating a magnetic fingerprint signal using a filter capable of isolating a remanent noise related signal component
WO2003049024A1 (en) * 2001-10-09 2003-06-12 Magtek, Inc. Method and apparatus for generating images of magnetic fields in at least two dimensions

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5254843A (en) * 1991-08-07 1993-10-19 Hynes John E Securing magnetically encoded data using timing variations in encoded data
US20030219145A1 (en) * 2002-04-09 2003-11-27 Smith Joshua R. System and method for authentication of a workpiece using three dimensional shape recovery
US20030225708A1 (en) * 2002-06-04 2003-12-04 Bottomline Technologies (De) Inc. System and method for producing and verifying secure negotiable instruments
US20050006472A1 (en) * 2003-03-19 2005-01-13 Verschuur Gerrit L. Media verification system
FR2902548A1 (en) * 2006-06-14 2007-12-21 Guillaume Poizat PROCESS FOR TRACEABILITY OF PRODUCTS WITHOUT ADDING OR MODIFYING THE MATERIAL USING A DIGITAL SIGNATURE OBTAINED FROM ONE OR MORE INTRINSIC CHARACTERISTICS OF THE PRODUCT

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of WO2010059929A2 *

Also Published As

Publication number Publication date
AU2009316464A1 (en) 2010-05-27
EP2359316A4 (en) 2012-08-29
CA2744535A1 (en) 2010-05-27
WO2010059929A2 (en) 2010-05-27
BRPI0921998A2 (en) 2016-01-05
WO2010059929A3 (en) 2010-08-26

Similar Documents

Publication Publication Date Title
US20230004957A1 (en) Consumer authentication system and method
US7967203B2 (en) Authenticating a document with a magnetic stripe
US8251283B1 (en) Token authentication using spatial characteristics
US9027831B2 (en) Updating of reference magnetic signature for authenticating a document with a magnetic stripe
US20090319287A1 (en) Authentication segmentation
US20130254117A1 (en) Secured transaction system and method
US20110010289A1 (en) Method And System For Controlling Risk Using Static Payment Data And An Intelligent Payment Device
JP2013543180A (en) How to make online purchases using mobile devices and payment services
US20080314977A1 (en) Method, System, and Computer Program Product for Customer-Level Data Verification
WO2013169926A1 (en) System and method for authentication using payment protocol
JP2013539890A (en) How to transfer funds using a payment service where financial deposit account information is entered once into the payment service and does not need to be re-entered for future transfers
JP2013541106A (en) A method of conducting a financial transaction in which the payer&#39;s financial deposit account information is entered into the payment system only once
CN114503130A (en) Mapping user vectors between embeddings of machine learning models
JP2017033603A (en) Payment method for using settlement service and tab selected by first party and opened by second party in geological position of one of mobile devices of first party
US20100034434A1 (en) Detecting forged magstripe data through relative variations in flux transition location, system and method
EP2359316A2 (en) Authentication of documents having a magnetic stripe
US8118220B2 (en) Verifying cardholder identity using signature of the card
US8104677B2 (en) Authentication of documents having magnetic stripe
WO2024009285A1 (en) Methods, systems, apparatuses and devices for facilitating hands-free payments

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20110621

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK SM TR

RIN1 Information on inventor provided before grant (corrected)

Inventor name: HAMMAD, AYMAN

Inventor name: KATO, CRAIG

Inventor name: FANG, XIANG

Inventor name: FAITH, PATRICK

Inventor name: KOGANTI, KRISHAN, PRASAD

DAX Request for extension of the european patent (deleted)
A4 Supplementary search report drawn up and despatched

Effective date: 20120727

RIC1 Information provided on ipc code assigned before grant

Ipc: G06K 19/12 20060101AFI20120723BHEP

17Q First examination report despatched

Effective date: 20130423

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20140911