WO1994023400A1 - Financial transmission system - Google Patents
Financial transmission system Download PDFInfo
- Publication number
- WO1994023400A1 WO1994023400A1 PCT/US1994/003344 US9403344W WO9423400A1 WO 1994023400 A1 WO1994023400 A1 WO 1994023400A1 US 9403344 W US9403344 W US 9403344W WO 9423400 A1 WO9423400 A1 WO 9423400A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- computer
- telephone
- communications
- communications network
- issuer
- Prior art date
Links
- 230000005540 biological transmission Effects 0.000 title description 14
- 238000004891 communication Methods 0.000 claims abstract description 129
- 238000000034 method Methods 0.000 claims abstract description 52
- 230000003213 activating effect Effects 0.000 claims description 5
- 230000008878 coupling Effects 0.000 claims description 2
- 238000010168 coupling process Methods 0.000 claims description 2
- 238000005859 coupling reaction Methods 0.000 claims description 2
- 230000004913 activation Effects 0.000 claims 4
- 150000001768 cations Chemical class 0.000 claims 2
- 230000004044 response Effects 0.000 claims 1
- 230000008569 process Effects 0.000 abstract description 5
- 230000002452 interceptive effect Effects 0.000 abstract description 3
- 239000003990 capacitor Substances 0.000 description 19
- 238000013478 data encryption standard Methods 0.000 description 11
- 238000010586 diagram Methods 0.000 description 6
- 239000013078 crystal Substances 0.000 description 5
- 230000006870 function Effects 0.000 description 5
- 230000008901 benefit Effects 0.000 description 4
- 230000005291 magnetic effect Effects 0.000 description 4
- 229920002799 BoPET Polymers 0.000 description 3
- OKTJSMMVPCPJKN-UHFFFAOYSA-N Carbon Chemical compound [C] OKTJSMMVPCPJKN-UHFFFAOYSA-N 0.000 description 3
- 239000005041 Mylar™ Substances 0.000 description 3
- 229910052799 carbon Inorganic materials 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 230000005236 sound signal Effects 0.000 description 3
- 240000004760 Pimpinella anisum Species 0.000 description 2
- XUIMIQQOPSSXEZ-UHFFFAOYSA-N Silicon Chemical group [Si] XUIMIQQOPSSXEZ-UHFFFAOYSA-N 0.000 description 2
- 230000009471 action Effects 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 229910052710 silicon Inorganic materials 0.000 description 2
- 239000010703 silicon Substances 0.000 description 2
- 241000931526 Acer campestre Species 0.000 description 1
- WHXSMMKQMYFTQS-UHFFFAOYSA-N Lithium Chemical compound [Li] WHXSMMKQMYFTQS-UHFFFAOYSA-N 0.000 description 1
- 239000004793 Polystyrene Substances 0.000 description 1
- XAGFODPZIPBFFR-UHFFFAOYSA-N aluminium Chemical compound [Al] XAGFODPZIPBFFR-UHFFFAOYSA-N 0.000 description 1
- 229910052782 aluminium Inorganic materials 0.000 description 1
- 239000000919 ceramic Substances 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000009977 dual effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000011031 large-scale manufacturing process Methods 0.000 description 1
- 229910052744 lithium Inorganic materials 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 239000011159 matrix material Substances 0.000 description 1
- 210000002569 neuron Anatomy 0.000 description 1
- 239000004033 plastic Substances 0.000 description 1
- 229920002223 polystyrene Polymers 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
- 238000005070 sampling Methods 0.000 description 1
- 230000035945 sensitivity Effects 0.000 description 1
- 238000000926 separation method Methods 0.000 description 1
- 230000011664 signaling Effects 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000007704 transition Effects 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1016—Devices or methods for securing the PIN and other transaction-data, e.g. by encryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
- G06Q20/108—Remote banking, e.g. home banking
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4012—Verifying personal identification numbers [PIN]
Definitions
- This invention relates to performing financial transactions with a financial card over a communications network, and, more particularly, to a method and device for determining and securely transmitting an account code of such a financial card over a communications link in a communications network to a remote location.
- a widespread problem involves credit card fraud. It is relatively easy to obtain credit card numbers from past transaction slips. Likewise, credit cards are frequently placed on counters at stores and the like, thereby making the credit card account number readily visible to other persons.
- a known method of fraud concerns illegal use of a credit card account number in a phone financial transaction by someone who has misappropriated the account number. In such transactions, the card is obviously not present during the transaction, and thus it is difficult, if not impossible, for the seller to verify that the caller has the credit card.
- the credit card companies have passed the burden of illegal telephone credit card transactions onto the seller by requiring the
- Another problem associated with the prior system is that numerous consumers do not have credit cards for a variety of reasons. Thus, these consumers are unable to take advantage of the ease of phone financial transactions. This problem is becoming more prevalent because many credit card companies are more selective in issuing cards during the present difficult economic times.
- a primary objective of the current invention is to provide a method and device for performing financial transactions over a communications network, such as the telephone network, using a credit card or debit card.
- a similarly important object of this invention is to provide a method and device for ensuring that PIN numbers and/or account numbers associated with such cards are transmitted over the communications network securely.
- an object is to transmit such numbers using a device which provides for transmission of the account code numbers over a communications link in a communications network to a remote location, and which concurrently allows for audio communication with the remote location.
- a more particular object of the present invention is to provide a device which connects to a telephone, and provides electronic equipment capable of reading an account card, and transmitting and receiving data to and from computers at remote locations, respectively.
- a related object is to provide such a device which is adapted to be powered solely by the communications circuit, or, more particularly, the telephone line.
- an object is to power the device from the telephone line power without interfering with the operation of the telephone.
- an object is to provide a power supply which performs a switching operation among its components to reduce the power drawn by the device.
- Yet another object is to provide a device which incorporates a circuit to mute audio signals to the earphone of a telephone which are generated by the device to prevent or minimize discomfort to the listener's ear.
- a related object is to provide such a muting circuit which does not interfere with data transmission by the device or voice communication by the telephone to remote locations.
- an object is to construct such a device with low cost electronic parts so that noncommercial consumers can afford to purchase the device. Also, an object is to construct such a device with parts which will provide the longevity required by household use of such a device.
- Another important object is to disclose a method for securely transmitting the secret account code portion of a financial card (e.g., a PIN number) and/or the nonsecret code portion of the financial account number of the financial card.
- a related object is to disclose a method for allowing the device and a remote acquirer computer to determine a secret common encryption key for transmitting data back and forth securely.
- a method and device for determining and securely transmitting an account code and/or personal identification number (PIN) of a financial card over a communications link in a communications network to a remote location, and which provide the capability of allowing a telephone to be used concurrently to perform voice communications over the same communications link with the remote location.
- the device of the present invention generally comprises a control circuit, a reader apparatus, a transceiver, and a communications connector.
- the control circuit controls operation of the device.
- the reader apparatus determines the account code of the financial card.
- the transceiver transmits the account code over the communications link of the communications network and receives information sent by the remote computer via the communications link, and provides such information to the control circuit.
- the communications connector is adapted to connect the device to the telephone so that voice communications can be performed by the telephone over the same communications link which establishes the connection of the device to the remote computer.
- the device further comprises an entering apparatus, such as a keypad, for manually entering a secret PIN code related to the account code of the financial card.
- the device preferably comprises a power supply connected to the telephone line for supplying power to the device solely by the power received from the telephone line. In the preferred embodiment, the power supply performs a switching function between various components of the device to reduce the power drawn by the device, thereby avoiding interference with the operation of the telephone.
- the transceiver transmits the detected account code of the financial card in DTMF signals.
- a muting circuit is disclosed for connection between the telephone and the device which mutes the DTMF signals to the telephone which are generated by the device to avoid damage and discomfort to the listener's ear.
- Another important aspect of the invention involves a method for encrypting the secret PIN code portion and/or the detectable code portion of the financial card.
- the method generally comprises the following steps: programming a secret master key into the device; programming a nonsecret identity offset into the device which corresponds to the master key; maintaining a lookup table associating the master key to the nonsecret identity offset at the device issuer location; generating a working key for encrypting data between the acquirer computer and the device; and using the identity offset, the master key and the lookup table to make the working key common between the acquirer and the device.
- the acquirer and the device can thereafter transmit data (such as the secret PIN number) securely therebetween.
- the present invention therefore overcomes the deficiencies of the prior art which only allows phone financial transactions to be performed with a credit card, and which also facilitates credit card fraud.
- the present invention discloses a device which requires the credit card to be present during a phone transaction, and also allows debit cards, such as ATM cards, to be used to conduct such phone financial transactions without violation of current banking laws.
- the device and method disclosed with the present invention allow the user to interactively perform audio communications with a remote computer and/or human operator, over the same communications link used by the device to transmit and receive data to and from the remote location, respectively.
- the present invention therefore, provides buyers and sellers with a much higher degree of flexibility and security when conducting telephone financial transactions.
- Fig. 1 is a diagram of the prior art automated teller machine (ATM) financial network
- Fig. 2 is a diagram of the device in accordance with the present invention interfaced to a communications network
- Fig. 3 is a perspective view of the device in accordance with the present invention connected between a telephone and the incoming telephone line, and also showing a financial card adapted to be used in conjunction with the device to perform financial transactions;
- Fig. 4 is a block diagram of the electronic circuit for the device constructed according to a preferred embodiment of the present invention, and generally showing the connection of various components of the device to the existing telephone network;
- Fig. 5 is a schematic circuit diagram of the electronic circuit shown in block diagram form in Fig. 4. Detailed Description of the Preferred Embodiments
- ATM automatic teller machine
- the ATM network 20 generally comprises a plurality of ATM machines 22a-n, a plurality of banks 24a-n, interconnected by a financial interchange switch network 26.
- a communications network 28 interconnects the switch network to the ATM machines 22a-n and to the banks 24a-n.
- the banks 24a-n can be, and typically are, unrelated entities that issue ATM cards to bank patrons. This arrangement allows an ATM card holder to withdrawn funds from an associated savings or checking account at any ATM machine 22a-n from one of the banks 24a-n that issued the card and is associated with the switch network 26. There are multiple such networks including Cirrus, Bank Mate, NYCE, and others which perform switch network services.
- the ATM financial cards (similar to the financial card 27 shown in Fig. 3) , which are used to withdraw funds at one of the ATM machines 22a-n from one of the banks 24a- n, have an account code comprising two fields.
- the first field of the ATM card referred to herein as a detectable code 25, is typically imprinted on the front of the ATM card, and is also magnetically coded on a magnetic stripe on the back of the ATM card (not shown) , along with additional information such as the expiration of the financial card.
- the ATM machines 22a-n have an electronic device which reads the magnetic stripe to determine the detectable code 25.
- the second field is a secret personal identification number (PIN) which is not detectable, i.e., it is not imprinted on the ATM card, nor is it magnetically stored on the ATM card.
- PIN personal identification number
- the secret PIN should be devoted to memory by the ATM card owner and/or written down in a safe place.
- the card owner When performing an ATM financial transaction, the card owner first runs the ATM card through the electronic device (card reader) which electronically detects ("reads") the magnetic stripe to determine the detectable code field.
- the ATM machine then prompts the ATM card holder to enter the secret PIN number to verify that the person entering the card into the ATM machine is in fact the owner of the ATM card.
- the secret PIN is therefore a security measure which minimizes the chances of someone misappropriating the ATM card and withdrawing funds from the ATM card holder's associated savings or checking account.
- the ATM machine After the user enters the correct secret PIN number associated with the ATM card, the ATM machine next transmits the account code of the ATM card, the encrypted PIN number, and details of the requested transaction to the switch network 26.
- the switch network forwards this information to the bank that issued the ATM card, which could be any one of the banks 24a-n.
- the bank verifies that the secret PIN number is associated with the detectable code of the ATM card entered into the ATM machine, and then authorizes the financial transaction requested by the ATM card holder, such as withdrawing funds from the ATM card holder's account if sufficient funds are available.
- the ATM machine In performing the above-described transaction, the ATM machine must transmit the secret PIN number across the communications network 28.
- current banking laws require that the secret PIN number be transmitted across the communications network 28 in an encrypted form to prevent detection and theft of the secret PIN number while in transit across the communications network 28.
- Such laws recognize the significant risk that unscrupulous persons having technological "know how" might readily detect and steal the detectable code and the secret PIN number, if the PIN number were transmitted in the clear (i.e., unencrypted form).
- the switch network methodology of the switch network 26 shown in Fig. 1 was developed for securely encrypting PIN numbers transmitted across the communications network 28.
- Fig.l is an extremely simplified model of the existing ATM network, but is sufficient for illustrating the ATM methodology relevant to understanding the present invention.
- the ATM machines 22a-n employ encryption devices 32a-n and corresponding encryption keys 34a-n.
- the ATM machines 22a-n also comprise a Data Encryption Standard (hereinafter "DES") algorithm 36 which is well-known in the art, and is common to all ATM machines 22a-n, the switch network 26 and the banks 24a-n.
- DES Data Encryption Standard
- the DES encryption is described in Federal Information Processing Standard (FIPS) Publication 46-1, available from the National Technical Information Service (NTIS) .
- FIPS Federal Information Processing Standard
- NTIS National Technical Information Service
- Such packets of information include the identity of the ATM machine (i.e., one of the ATM machines 22a-n) , the identity of the bank (i.e., one of the banks 24a-n) , the detectable code 25 of the financial card 27, and the PIN number in encrypted form (as will be described below) , and/or other transaction and network specific information.
- the switch network 26 comprises encryption devices 40 and 42, the DES algorithm 36, and variable encryption keys 44 and 46, corresponding to the encryption devices 40 and 42, respectively.
- the encryption devices 40 and 42 comprise software and circuitry for receiving the packets of information from the ATM machines 22a-n, and for processing that information. During a financial transaction, the encryption device 40 would determine, based upon the packeted information, which ATM machine was transmitting information, and would use the encryption key corresponding to the transmitting ATM machine to translate the encrypted PIN for transmission to the appropriate bank.
- the banks 24a-n comprise encryption devices
- the encryption device 42 of the switch network 26 uses the encryption key corresponding to the destination bank to transmit the secret PIN number.
- the corresponding encryption device i.e., one of the encryption devices 50a-n
- the bank thereafter processes the information to authorize the corresponding ATM machine to perform the financial trans ⁇ action requested by the ATM card holder.
- the switch network 26 is the only entity that knows all of the encryption keys for all of the ATM machines 22a-n and all of the banks 24a-n.
- the financial network therefore desirably provides for a separation of secrets relating to the encryption keys and the secret PIN numbers between the banks 24a-n, which are typically different entities.
- Fig. 2 shows the device 60 connected to a telephone line 63 in a communications network, such as the public switched telephone network, generally designated 62.
- a communications network such as the public switched telephone network, generally designated 62.
- the telephone line 63 connects to the communications network 62 via a telephone jack 67 mounted on a wall 69, as is well known.
- the device is connected to the communications network 62 in series between the telephone line 63 and a telephone 65 adapted to transmit audio communications across the communications network.
- the device 60 is adapted to perform financial transactions over the communications network 62 with an entity at a remote location using the financial card 27.
- the other entities that will likely be necessary to perform a financial transaction are: the device issuer 64; the acquirer 66; and the financial card issuer 68.
- the acquirer 66 is the entity with which the owner of the device 60 desires to conduct a financial transaction. Such entities might include banks, service bureaus, and switch companies.
- the financial card issuer 68 issues the financial card 27 to clients such as the owner of the device 60. Such entities will likely include credit card companies and banks issuing debit cards such as ATM cards.
- the device issuer 64 is the entity that sells the devices 60, and in implementation will likely include a plurality of device issuers.
- the device issuer 64 will maintain information relating to the identity of the device 60.
- the information will preferably be maintained in a lookup table 70 for access during a financial transaction.
- the present invention includes methods for securely transmitting the account code of the financial card 27 over the communications network 62 during the execution of a financial transaction.
- the interaction of the device 60, the device issuer 64, the acquirer 66, and the card issuer 68 will also be described therein. It should be understood that the same entity might perform more than one of the above-described functions.
- a bank might be a device issuer 64, as well as a card issuer 68.
- the device 60 of the present invention is shown in Fig. 3.
- the device generally comprises a housing 80, a card reader slot 82, an electronic circuit 84 (shown in Figs. 4 and 5), and communications connectors Jl and J2.
- the housing 80 is preferably constructed with a lightweight, durable material, such as plastic.
- the housing 80 encloses the electronic circuit 84 for the device 60.
- the device includes a means for entering data, such as keypad 90.
- Connector Jl is adapted to interface the device 60 to the telephone 65 and connector J2 is adapted to interface the device to the incoming telephone line 63 from the central office of the public switched telephone network.
- the electronic circuit 84 is shown in block diagram form in Fig. 4 and in schematic form in Fig. 5.
- the electronic circuit 84 comprises a control circuit, such as a microcontroller 100, a card reader circuit 102 (which works in conjunction with the card reader slot 82) , a transmitter 104, a receiver 106, and a power supply 108.
- the electronic circuit also comprises a mute circuit 110 and keypad connection lines 112.
- the microcontroller 100 controls the sequence of operations of the rest of the electronic circuit 84 for the device 60.
- the microcontroller 100 includes a microprocessor central processing unit (CPU) , erasable programmable read only memory (EPROM) , random access memory (RAM) , for working data, input-output (IO) circuits for connection to the rest of the device, and a crystal oscillator clock 120.
- the CPU implements 12 bit instruction word and 8 bit data word.
- the CPU also comprises an on-board amplifier for the clock 120, 12 bit wide program memory, 8 bit wide data memory, and input/output (I/O) drivers.
- the microprocessor 100 should also comprise an input for detecting falling edge transitions from the card reader circuit 102.
- microcontroller 100 under the control of its program, scans the keypad connection lines 112, as is well-known in the art. Also, the microcontroller 100 captures and interprets pulses detected by the card reader circuit 102. Further, as will be described in detail below, the microcontroller 100 contains the program for implementing the encryption method for transmitting the secret PIN code and/or the detectable code 25 of the account code of the financial card 27. To this same end, the microcontroller controls transmission of data by the transmitter 104 and receipt of data from the receiver 106.
- the microcontroller 100 in the preferred embodiment, controls the power supply in a unique way to reduce the power requirements of the device.
- One such possible microcontroller is a Microchip Technology PIC16C57XT microprocessor. This model is desirable because of its low cost and low power requirements (the importance of which will be described below) , as well as the fact that its program memory can be secured against unauthorized readout.
- the Signetics 87C752 is a good alternative to the Microchip microprocessor.
- the device 60 has the capability to add a second level of encryption with a remotely programmed working key.
- a separate battery powered RAM memory U4 is provided.
- One possible memory U4 is the Dallas Semiconductor DS2223.
- the RAM is interfaced to the microcontroller 100 through a single I/O pin 7.
- the Microchip PIC16C57XT does not provide an internal pullup resistor and the I/O pin of the DS2223 is an open collector. Thus, resistor R13 is required to pull the pin up when both devices place their pins in a high impedance state.
- Bl is a small lithium battery type BR1235 or CR1620, and is used to maintain the data in RAM U4 when the telephone set is on hook and the device is not powered. Further, a circuit or switch can be provided to disconnect the battery Bl from the RAM U4 if the device housing 80 is opened, thereby erasing the protectable information contained therein. Also, the switch could comprise a phototransistor, or the like, which would disconnect the battery Bl if light is incident upon the phototransistor, such as would occur if the housing 80 were opened.
- the crystal oscillator clock 120 comprises a 3.579 MHz crystal. This crystal is preferable for its low cost, and also because the transmitter 104 and receiver 106 operate at that frequency, thereby eliminating the need for additional clock circuits for those devices. An inexpensive color-burst crystal may be used.
- Capacitor C3 provides load capacitance for clock 120, and couples the clock to the transmitter 104 and the receiver 106.
- Capacitor C4 provides load capacitance for clock 120.
- the transmitter 104 and the receiver 106 transmit and receive, respectively, dual tone multiple frequency (DTMF) signals.
- the transmitter 104 and receiver 106 are well known in the art, and can be consolidated on a single transceiver chip U2 (shown in Fig. 5) , such as the Mitel Semiconductor MT8880 Chip.
- the Mitel chip includes a DTMF encoder/transmitter which generates all sixteen standard DTMF tones on demand from the microcontroller 100.
- DTMF tones as described in greater detail below, are used to transmit data four bits at a time to remote locations having computers.
- the DTMF tones are encoded in 51 millisecond ( s) bursts separated by 51 ms of silence.
- the receiver portion of chip U2 recognizes DTMF tones from the central office and transmits the tones to the microcontroller 100 for processing.
- the Mitel chip requires extra clock pulses supplied under the control of the microcontroller 100.
- Additional coupling components for the transceiver chip U2 are resistors R2, R3, R4, R5, capacitors C2, C5, C6, and amplifier transistor Ql.
- Resistors R2 and R3 set the input sensitivity of the DTMF receiver 106.
- the input stage of chip U2 is wired in single ended configuration with the divider presenting signal energy to the inverting input and the noninverting input tied to the reference output.
- Resistors R2 and R3 are preferably 1/8 watt resistors.
- Capacitor C5 couples the audio signal from the telephone line to the input of chip U2 and blocks either polarity DC signal.
- Capacitor C5 should be a 200 working voltage mylar or polystyrene capacitor.
- Resistor R5 and capacitor C6 form an RC network which controls the minimum permissible tone burst length and interdigit delay that the DTMF receiver 106 will recognize as valid and discrete digits.
- Capacitor C6 can be a 20 volt mylar capacitor and resistor R5 can be a 1/8 watt resistor.
- Capacitor C2 bypasses and absorbs excess 3.579 MHz energy from the switching output stage of chip U2 and prevents the noise signal from being radiated from the telephone line.
- Transistor Ql is a high voltage NPN transistor which amplifies the output signal from chip U2 and converts that varying voltage signal to a varying audio frequency current in the telephone line 63.
- Transistor Ql is direct coupled to the output of chip U2 to provide DC bias so that transistor Ql is always conducting in its linear region.
- Resistor R4 performs three functions. Resistor R4 sets the DC operating point of transistor Ql to a high enough current so that the DC insertion loss of transistor Ql is minimized. Resistor R4 also loads the output of chip U2 as required because chip U2 (the Mitel chip) is a switched capacitor design. Further, resistor R4 sets the AC gain of transistor Ql to a level that results in a 0 to 6 dbm audio output when measured across the 600 ohm impedance of the telephone line.
- the card reader circuit 102 is an American Banking Association track 2 reader that outputs a negative going TTL level pulse on the clock line for every data bit and presents the inverted TTL data bit on the data line.
- the card reader circuit 102 used in the prototype is a Neuron Electronics model MCR575-1R. Compatible readers are also available from Magtek, American Magnetics, Nippodenso, and Panasonic.
- the microcontroller 100 detects each clock pulse and reads the state of the data line.
- the microcontroller 100 monitors the bit stream for the start sentinel pattern and then accumulates 5 bit digits in the internal RAM memory. When the end sentinel is detected, and the longitudinal redundancy check buffered, the data is checked for horizontal or vertical parity errors.
- the keypad 90 is likewise well-known in the art.
- the keypad has 12 keys 130 (shown in Fig. 3) which are similar to those found on a push-button telephone dial.
- the keys are arranged in a matrix of four rows and three columns.
- the keypad 90 allows the user to enter the PIN number associated with the financial card, and to also transmit nonsecure data during a financial transaction performed over the communications network 62.
- the microcontroller 100 scans the keys 130 of the keypad 90 by alternating setting one of the row lines connected to outputs RC0, RC1, RC2, and RC3 to a low level and testing for a low level on one of the column sense lines RC4, RC5, and RC6.
- Pullup resistors R9, R10, and Rll maintain the column lines at a high level when a key press does not connect them to a low row line.
- the power supply 108 connects to the phone line and supplies power to the device 60 solely from the power received from the telephone line.
- the power supply eliminates the need to obtain power for the device from an external source, such as a wall outlet.
- the power supply disclosed herein extracts sufficient power from the telephone line to operate the device without interfering with the operation of the telephone.
- the power supply comprises a bridge rectifier Dl, zener diode D2, filter/reservoir capacitor Cl, power switching transistors Q2 and Q3, base resistors R6 and R7, and bias resistor R12.
- the power supply provides regulated 5V power to the electronic circuit 84 over a line current range of 20 to 100 milliamperes.
- the rectifier Dl ensures that power of the proper polarity is supplied to the other electronic circuits of the device 60, irrespective of the polarity of the power received from the telephone line.
- the zener diode D2 is connected in series with the telephone line and
- the zener diode D2 should be capable of dissipating 500 milliwatts.
- the two switching transistors Q2 and Q3 direct power either to the card reader circuit 102 , or to the transmitter 104 and receiver 106, as controlled by the microcontroller 100. This methodology is desirable because only the card reader circuit 102, or the transmitter 104 and receiver 106 (chip U2) will operate at one time. Thus, this switching methodology reduces the power requirement of the device, which is important in this low power application.
- Transistor Q2 is a silicon PNP transistor which is forward biased by current flow through resistor R6 when output RA6 of the microcontroller 100 is in the low state. In this state, the transistor Q2 switches on the supply voltage to the transmitter 104 and receiver 106 for those phases of the protocol which require signaling to or from remote locations.
- Transistor Q3 is a silicon NPN transistor which switches the power supply voltage to the card reader circuit 102 in a manner similar to the switching operation performed by transistor Q2.
- Transistor Q3 is biased on when output RA3 of the microcontroller is in the high state. Thus, transistor Q3 conducts (switches on) when transistor Q2 does not conduct (switched off) , and vice versa.
- Capacitor Cl filters the DC power supply voltage, bypasses audio signals, and provides a reservoir of operating power when particularly large excursions of line current are received (such as from loud sounds, dial pulses, or supervisory loop current interruptions) .
- Capacitor Cl is an aluminum electrolytic type with a working voltage rating of 10 volts.
- Capacitor C7 is a .1 microfarad capacitor which serves as a high frequency bypass of the power supply around the transmitter 104 and receiver 106.
- Capacitor C7 is a 20 working volt mylar type capacitor, but could also be a ceramic disc type capacitor.
- Resistor R6 is a 1/8 watt carbon film type resistor.
- the resistance of R6 is preferably 22,000 ohms so that sufficient current is drawn from the base of transistor Q2, and when multiplied by the current gain of transistor Q2, sources sufficient supply current for proper operation of the transmitter 104 and receiver 106. A smaller value for resistor R6 would waste power by dissipating power in resistor R6.
- Resistor R7 like resistor R6, limits base current to transistor Q3 to a value sufficient to operate the card reader circuit 102, but not wastefully in excess of that value.
- Resistor R7 is likewise preferably about 22,000 ohms, but may need to be recalculated for different models of card reader.
- Resistor R12 provides sufficient bias current to maintain transistor Ql (operation described below) in the conduction mode when DC current is not supplied to transmitter 104 and receiver 106 through transistor Ql at power up or when the transmitter 104 and receiver 106 shut down (which occurs when the power supply directs power to the card reader circuit 102) .
- the mute circuit 110 limits the volume level of DTMF tones transmitted to the telephone 65 when the device 60 is outputting data by shunting the telephone connector Jl with a resistance on command by the microcontroller 100.
- the microcontroller 100 activates the mute circuit 110 prior to activating the transmitter 104 to transmit DTMF signals to the computer at the remote location.
- the microcontroller 100 deactivates the mute circuit 110 when the transmitter 104 is not transmitting data to the remote location so that the telephone user can hear voice prompts and other desired audio communications from the remote location, which could be from the computer at the remote location and/or a human operator.
- the mute circuit is comprised of optocoupler U3, resistors Rl and R8.
- the optocoupler U3 can preferably be a Sharp PC729 design.
- Fig. 5 shows an oversimplified optocoupler. It is connected so that the light emitting diodes are in series and both output stages are in series. This connection provides bipolar operation of the output stage so that correct mute circuit operation is independent of telephone line polarity.
- output RA2 of the microcontroller 100 When output RA2 of the microcontroller 100 is in a low state, current flows through the LED and the output transistors are energized connecting resistor Rl across the telephone 65.
- resistor Rl When the output stage of optocoupler U3 is energized, about 1/2 of the line current of the telephone line 63 is diverted from the telephone 65 through resistor Rl. Resistor Rl should be a 1/4 watt resistor. Resistor R8 sets the current through the LED of the optocoupler U3. Optocoupler U3 has a transfer ratio of about 4000%, and thus the value of resistor R8 should be chosen to allow about 1 milliampere to flow through the LEDs of optocoupler U3 so that up to 40 milliamperes can be conducted through the output of optocoupler U3. Resistor R8 is preferably a 1/8 watt carbon film resistor having a value of about 2200 ohms .
- the device 60 also comprises a device issuer identification (ID) 140, an identity offset 142, and a master key 146.
- ID device issuer identification
- the device issuer 64 maintains the lookup table 70 comprising identity offsets 142 and corresponding master keys 146 for each device 60 manufactured and sold or otherwise distributed by the device issuer.
- Lookup table 70 is maintained on a computer 144 at the device issuer location (hereinafter "device issuer computer") .
- the device issuer computer 144 also comprises an encryption device 145 for encrypting data under the master key 146, as will be described below, using the DES algorithm 36.
- the acquirer 66 comprises a computer 152 (hereinafter "acquirer computer”) .
- the acquirer computer 152 comprises software for generating a variable working key 154 for encrypting data with the DES algorithm.
- the acquirer computer 152 also comprises an encryption device 156 and software for implementing the DES algorithm 36 to encrypt data under the working key 154.
- the financial card issuer 68 comprises a computer 160 (hereinafter “card issuer computer”) .
- the card issuer computer 160 comprises an encryption device 162 for encrypting data with the DES algorithm under the predetermined encryption key 164, as described above in the prior art ATM network.
- the user of device 60 will place a phone call to a remote location with which the user desires to perform a financial transaction.
- a utility bill such as the gas bill
- the user would call the utility company or an acquirer service bureau, such as a bank, serving the utility as a surrogate acquirer with the telephone 65 adjacent the device 60.
- the utility would be referred to as the acquirer 66.
- the utility would preferably have a computer automated answering service which would provide a DTMF- activated menu having a selection for paying bills using the financial card 27. Upon activating this menu selection, the user would eventually be prompted to enter the financial card 27 through the card reader slot 82. The user would then be prompted to enter the secret PIN code, if applicable (i.e., for ATM cards but typically not required for credit cards) . As explained above, current banking laws require the secret PIN code to be transmitted in encoded form. Because the device 60 and acquirer 66 will typically not have a preestablished encryption key (due to the vast number of possible acquirers and users of the devices) , the device and acquirer cannot transmit data in encoded form without first developing a common encryption key.
- the device 60 transmits a packet of information including the device issuer identification (ID) 140 (for simplicity of illustration designated as the letter X) , and the identity offset 142 (designated as the number 3) .
- ID device issuer identification
- the acquirer computer 152 generates a random working key 154 which varies with each device 60 that contacts the acquirer 66.
- the working key is show as the number 42 for purposes of illustration.
- step 3 designated as S3, the acquirer computer 152 transmits the identity offset 142 and the working key 154 (3,42) in encrypted form (shown as 7,92 for illustration) under an encryption key common to the device issuer 64 and the acquirer 66 to the device issuer 64 designated by the device issuer ID 140 (i.e., by the code letter X) .
- the communication between the device issuer 64 and the acquirer 66 is similar to the communication between the ATM machines 22a-n and the banks 24a-n in the prior art ATM network, described above. Different device issuers would have different device issuer IDs, and the acquirer computer 152 would maintain a lookup table for the various device issuers 64 and their corresponding network addressing information.
- step 4 designated as S4, the device issuer computer 144 unencrypts the identity offset 142 and the working key 154 with the common encryption key, and encrypts the working key 154 (i.e., 42) under the master key 146 (456) corresponding to the transmitted identity offset 142 (i.e., 3) to generate a cryptogram (designated as the number 832 for illustration) .
- step 5 designated as S5
- the acquirer computer 152 transmits the working key cryptogram (i.e., 832) to the device 60.
- step 6 designated as S6, the microcontroller 100 unencrypts the encrypted working key (i.e., 832) under the master key (456) to obtain the working key 154 (42) in the clear.
- step 7 designated as S7 , the microcontroller 100 of device 60 causes the transmitter 104 to transmit the secret PIN code portion encrypted (shown as 17 for illustration purposes) under the working key 154 (42) to the acquirer computer 152.
- the acquirer computer 152 translates the PIN block cryptogram from the device working key to a communication key agreed on with the card issuer, and can transmit this cryptogram with the card account number and other transaction details to the card issuer 68 in encrypted form under an encryption key common to the card issuer 68 and the acquirer 66, as was performed in the prior art (explained above) .
- the card issuer 68 and the acquirer 64 can perform communications necessary to accomplish the financial transaction requested by the user of the device 60 after verifying the validity and accuracy of the account code of the financial card.
- the acquirer 66 could maintain a lookup table of an established working key 154 associated with a particular device so that the above described process need not be repeated every time the device 60 contacts the same acquirer. Such a lookup table would reduce transaction time for future financial transactions between the device 60 and the acquirer 66, and would also decrease network traffic. Further, the acquirer computer 152 could automatically reestablish a new working key after a predetermined time elapsed and/or after the old working key is used in a predetermined number of trans ⁇ actions, thereby increasing the safety of the financial transmission system.
- the acquirer 66 could request more than one working key 154 be encrypted in each call to the device issuer 64. Such additional working key cryptograms would be used in future transactions with the device 60. This method reduces the number of transactions required between the acquirer 66 and the device issuer 64 while providing sufficient frequency of changing the working key used to encrypt the secret PIN.
- ⁇ utilize a completely unique key for each transaction without the necessity of requesting a completely new working key encryption operation from the device issuer 64 by varying the working key 154 for each transaction.
- Such variation could be performed by the acquirer 66 generating a key variant generator of four or eight bits and transmitting that number to the device with each request for encrypted data in step 7 (S7) .
- the device and the acquirer would both apply the key variant generator to the working key by an exclusive-or operation.
- the key variant generator can be incremented sequentially or randomly but should not be repeated for a given base working key. This implies that each base working key can be used a maximum of
- the key variant generator may be transmitted to the device 60 in the clear because it is useless without knowledge of the working key.
- Using a unique key for each transaction enhances the security of the protocol by preventing a PIN cryptogram used in prior transaction from being stolen and used in a later, fraudulent transaction.
- the above-described method is the preferred method for creating a common secret encryption key between the device 60 and the acquirer 66.
- the method could be altered to accomplish the same result.
- the device issuer 64 could generate the working key 154 and transmit the working key encrypted under the master key 146 as well as the working key 154 encrypted under the encryption key common between the acquirer 66 and the device issuer 64 (similar to the prior art ATM network) .
- the acquirer 66 could determine the clear text of the working key 154, and could transmit the working key encrypted under the master key 146 to the device 60 so that the device could also determine the working key, thereby making the working key common to the acquirer 66 and the device 60.
- the device could generate the working key 154 and transmit the working key to the acquirer 66 encrypted under the master key 146.
- the acquirer could transmit the encrypted working key to the device issuer 64.
- the device issuer could thereafter unencrypt the encrypted working key using the master key 146, known by the device issuer 64.
- the device issuer 64 could thereafter transmit the working key in encrypted form under an encryption key common to the device issuer 64 and the acquirer 66 (similar to the prior art) , thereby making the working key common to the device 60 and the acquirer 66.
- the important aspect about the method is programming the device with the secret master key and the nonsecret identity offset, as well as the device issuer 64 maintaining the lookup table 70.
- the established encryption key between the device issuer 64 and the acquirer 66 (as in the prior art) coupled with the identity offset/master key pair common between the device 60 and the device issuer 64 allow the device 60, the device issuer 64, and the acquirer 66 to develop a common working key, thereby allowing the device 60 and the acquirer 66 to develop a common working key for transmitting data (i.e., the secret PIN number) in encrypted form.
- data i.e., the secret PIN number
- the device issuer identity is necessary so that the acquirer can determine which device issuer with which to communicate.
- the device 60 encrypts the PIN number for transmission to the acquirer 66 using the DES algorithm described above.
- the microcontroller 100 of device 60 uses 64 bit keys to encrypt the PIN number.
- the 64 bit binary numbers are transmitted as 16 DTMF digits.
- DTMF 0-9, *, #, and A-D are coded as binary patterns 0000 through 1111, respectively.
- the 64 bit key or cryptogram is transmitted most significant nybble (4 bits) first.
- the PIN is encoded as a packet of 4 or more (if the PIN number is more than 4 characters) 4 bit BCD digits.
- Unauthorized decryption of DES encoded messages depends on iteratively deciphering the cryptogram with all possible keys and recognizing the clear text when it is produced. Not only is such an iteration prohibitively large, but, since the clear text in this case is a decimal number, it is difficult to recognize which of the IO 4 or more (if PIN is more than 4 characters) is the correct PIN number.
- this invention encompasses the following method for further increasing the difficulty in deciphering a transmitted PIN number.
- the microcontroller 100 of device 60 will insert random bits in the PIN block to make all 4 bit patterns potential valid codes. If a digit of the PIN number is in the range of 2 (0010) through 7 (0111) , the 2 3 bit of that digit is exclusive-ored with 8 (1000) with a 50% probability. This increases the number of the 2 56 messages produced by iterative probing that could be valid PINs from 10 N to 16 N , for an N digit PIN number.
- a supply of random bits is generated in the device by sampling a fast 1 bit counter at every user key stroke of the device 60. It is important for the counter to be synchronous to the keypad 90 so that the scanning process of the keys 130 is asynchronous to therefore produce true random bits, and to ensure that there is not a fixed harmonic relationship to the recognition of the keystroke.
- the acquirer computer 152 can readily decode the random bit. If a particular 4 bit code is in the range of 1010 to 1111, the acquirer computer 152 will subtract the 4 bit code 1000 to obtain the clear digit. The acquirer computer 152 will implement a lookup table to accomplish this result as a part of the PIN cryptogram translation from the device working key to the card issuer communication key.
- the packet of information transmitted from the device 60 to the acquirer 66 may be padded with random bits.
- the acquirer computer 152 will strip off the random padding bits to obtain the PIN number. Because all digits are used in the transmission, and the transmission could involve more than one 16 digit packet, the end of the message is identified by a time-out in the acquirer computer 152. If more than a second elapses between packets, the message is complete.
- the acquirer computer 152 translates the PIN block cryptogram, and forwards the new cryptogram to the card issuer.
- the identity offset 142 of the device 60 need not be transmitted with every transaction.
- the acquirer 66 receiving the transaction will likely receive many transactions from the same device and should maintain a database of identity keys by originating telephone number which can be obtained from the telephone carrier through ANI or Cl protocols which are well-known in the industry. In this way, repeat calls from the same device may be immediately identified and the system security and performance is therefore enhanced by reducing the amount of information that must be transmitted. If a transaction fails because the master key is wrong, a retry can include enquiring the identity offset 142, and the ANI/identity offset database can be updated. For maximum security, a counter could be maintained on ANIs and on identity offsets to detect various types of intrusion attempts such as the same device calling in on many ANIs.
- the device master key 146 In order for the above-described protocol to operate securely, the device master key 146 must remain a secret.
- the master key 146, identity offset 142, and the device issuer ID 140 are programmed into the device 60 by the device issuer 64.
- the device issuer ID is a unique code which is assigned to a particular device issuer 64 preferably by some central arbiter to uniquely identify the particular device issuer.
- the identity offset 142 should be a pseudo-random number generated by some appropriate method such as a maximal length linear congruential sequence but must not be duplicated for devices sold by a particular device issuer 64.
- the master key 146 is preferably a 64 bit random number. As explained above, each identity offset 142 of a device 60 is paired with a random master key 146.
- the identity offset/master key pairs are kept in two places only: a secure database under control of the device issuer, and in the distributed existential database of the device 60.
- the device 60 reports its identity offset 142 to the acquirer 66.
- the device 60 never reveals its maser key 146 and, as described above, the device issuer 64 does not reveal the master key 146 either. If an intruder by some means obtains the master key of a given device, the intruder is no closer to knowing the master key of any other device because the relationship between the pseudo-random identity offset and the random master key is incomputable.
- the pseudo-random nature of the identity offset makes searching the master key database particularly amenable to hashing. This reduces the size of data storage required and enhances reliability and performance of the secure master key repository.
- a small minicomputer provides more than sufficient computing ability for a particular device issuer 64, and could be made redundant to enhance availability and throughput as desired or needed.
- Extracting the master key of a given device will require physical disassembly and advanced electronic techniques. It is no doubt possible to determine the master key of any given device given sufficient time, computer power, and other resources. That information alone, however, is relatively valueless as it gives no clue as to the master key in other devices.
- the security of this invention is not dependent on the algorithms and protocols being kept secret.
- the financial transmission system disclosed herein allows financial transactions to be performed by the device 60 with remote locations over the same communications link used to perform voice communications via the telephone 25 with the remote location. Further, the methods disclosed herein allow the detectable code 25 and/or the secret PIN number to be securely transmitted across the communications circuit. Further, even if the account code of a credit card is not transmitted in encrypted form, the device 60 requires the credit card to be present during a telephone financial transaction, thereby substantially reducing the risk of credit card fraud.
- all resistors are preferably carbon film-type resistors with a tolerance of 10% or less.
- the power requirements and working voltage requirements stated above represent minimum values which include an engineering safety margin. Components of finer tolerances could be used if desired or if particular applications warrant narrower tolerance. The value of the components stated above only represent the preferred embodiment, and could also be varied if desired or if a particular application requires modification.
- the DTMF functions performed by the transmitter 104 and the receiver 106 could be integrated in hardware or could be performed in microcontroller software if suitably fast analog to digital and digital to analog converters are utilized. Also, in large scale production, the majority of circuit components could be combined on a single integrated circuit chip. In particular, it is desirable to integrate the memory U4 into the microcontroller 100 to prevent probing of the connection therebetween in an attempt to ascertain the contents of the memory.
Abstract
Description
Claims
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP94911733A EP0708950A1 (en) | 1993-03-29 | 1994-03-28 | Financial transmission system |
AU64177/94A AU6417794A (en) | 1993-03-29 | 1994-03-28 | Financial transmission system |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US08/038,895 US5351296A (en) | 1993-03-29 | 1993-03-29 | Financial transmission system |
US08/038,895 | 1993-03-29 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1994023400A1 true WO1994023400A1 (en) | 1994-10-13 |
Family
ID=21902516
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US1994/003344 WO1994023400A1 (en) | 1993-03-29 | 1994-03-28 | Financial transmission system |
Country Status (5)
Country | Link |
---|---|
US (1) | US5351296A (en) |
EP (1) | EP0708950A1 (en) |
AU (1) | AU6417794A (en) |
CA (1) | CA2159365A1 (en) |
WO (1) | WO1994023400A1 (en) |
Families Citing this family (95)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
ATE237854T1 (en) * | 1992-10-26 | 2003-05-15 | Intellect Australia Pty Ltd | HOST-USER TRANSACTION SYSTEM |
US6145739A (en) * | 1993-10-26 | 2000-11-14 | Intellect Australia Pty Ltd. | System and method for performing transactions and an intelligent device therefor |
US6014430A (en) * | 1994-01-18 | 2000-01-11 | Flexydial Pty Ltd. | Message system |
US5553122A (en) * | 1994-01-28 | 1996-09-03 | Iti Innovative Technology Ltd. | Universal wedge-type telephone adaptor for computer system |
US20070299808A1 (en) * | 1995-05-19 | 2007-12-27 | Cyberfone Technologies, Inc. | Telephone/Transaction Entry Device and System for Entering Transaction Data into Databases |
US20050119992A1 (en) * | 1995-05-19 | 2005-06-02 | Martino Rocco L. | Telephone/transaction entry device and system for entering transaction data into databases |
US5742845A (en) | 1995-06-22 | 1998-04-21 | Datascape, Inc. | System for extending present open network communication protocols to communicate with non-standard I/O devices directly coupled to an open network |
US5794221A (en) | 1995-07-07 | 1998-08-11 | Egendorf; Andrew | Internet billing method |
US5764736A (en) * | 1995-07-20 | 1998-06-09 | National Semiconductor Corporation | Method for switching between a data communication session and a voice communication session |
CA2229008C (en) * | 1995-08-08 | 2002-10-29 | Meyer W. Eisner | Personal reader capture transfer technology |
US5822737A (en) * | 1996-02-05 | 1998-10-13 | Ogram; Mark E. | Financial transaction system |
US6945457B1 (en) * | 1996-05-10 | 2005-09-20 | Transaction Holdings Ltd. L.L.C. | Automated transaction machine |
US5745576A (en) * | 1996-05-17 | 1998-04-28 | Visa International Service Association | Method and apparatus for initialization of cryptographic terminal |
US7133836B1 (en) * | 1996-05-30 | 2006-11-07 | Sun Microsystems, Inc. | Catalog phone sales terminal |
WO1998000956A2 (en) * | 1996-06-28 | 1998-01-08 | Mci Communications Corporation | System and method for preventing cellular fraud |
IL119106A0 (en) * | 1996-08-21 | 1996-11-14 | Algorithmic Res Ltd | Commercial telephone |
WO1998043427A1 (en) * | 1997-03-21 | 1998-10-01 | Canal+ Societe Anonyme | Broadcast and reception system, and receiver/decoder and remote controller therefor |
IL120710A0 (en) * | 1997-04-20 | 1997-08-14 | David Ilan Ben | System and method for retail over a network |
US7096192B1 (en) | 1997-07-28 | 2006-08-22 | Cybersource Corporation | Method and system for detecting fraud in a credit card transaction over a computer network |
US7403922B1 (en) | 1997-07-28 | 2008-07-22 | Cybersource Corporation | Method and apparatus for evaluating fraud risk in an electronic commerce transaction |
US6941274B1 (en) * | 1997-11-28 | 2005-09-06 | Diebold, Incorporated | Automated transaction machine |
US6477578B1 (en) | 1997-12-16 | 2002-11-05 | Hankey Mhoon | System and method for conducting secure internet transactions |
US6296183B1 (en) * | 1997-12-23 | 2001-10-02 | Qwest Communications Int'l., Inc. | Telephony system for smart card usage |
US6098053A (en) * | 1998-01-28 | 2000-08-01 | Citibank, N.A. | System and method for performing an electronic financial transaction |
US6134661A (en) * | 1998-02-11 | 2000-10-17 | Topp; William C. | Computer network security device and method |
GB9811446D0 (en) * | 1998-05-29 | 1998-07-22 | Int Computers Ltd | Authentication device |
US5999680A (en) * | 1998-06-29 | 1999-12-07 | Lamah; Ahmad | Telecommunications method for using incomplete call time |
US6249089B1 (en) * | 1998-10-09 | 2001-06-19 | Frederick Bruwer | Intelligent electrical device comprising microchip |
US6339766B1 (en) * | 1998-12-02 | 2002-01-15 | Transactionsecure | Electronic payment system employing limited-use account number |
US7231045B1 (en) | 1999-08-30 | 2007-06-12 | Intel Corporation | Secure transaction modem storing unique indicia |
GB2353889B (en) * | 1999-09-02 | 2003-12-31 | John Wolfgang Halpern | Telephone-supported travel pass for the transfer of funds and of authentic entitlement passes or tickets |
US6446048B1 (en) | 1999-09-03 | 2002-09-03 | Intuit, Inc. | Web-based entry of financial transaction information and subsequent download of such information |
US7249093B1 (en) * | 1999-09-07 | 2007-07-24 | Rysix Holdings, Llc | Method of and system for making purchases over a computer network |
US7395241B1 (en) | 2000-01-19 | 2008-07-01 | Intuit Inc. | Consumer-directed financial transfers using automated clearinghouse networks |
US8170935B2 (en) | 2000-03-27 | 2012-05-01 | Nyse Amex Llc | Systems and methods for evaluating the integrity of a model portfolio of a financial instrument |
US11037240B2 (en) | 2000-03-27 | 2021-06-15 | Nyse American Llc | Systems and methods for checking model portfolios for actively managed funds |
US10929927B2 (en) * | 2000-03-27 | 2021-02-23 | Nyse American Llc | Exchange trading of mutual funds or other portfolio basket products |
AU2001257280C1 (en) * | 2000-04-24 | 2009-01-15 | Visa International Service Association | Online payer authentication service |
US20020173986A1 (en) * | 2000-06-19 | 2002-11-21 | Microsoft Corporation | Automatic categorization of financial transactions |
US20020123972A1 (en) * | 2001-02-02 | 2002-09-05 | Hodgson Robert B. | Apparatus for and method of secure ATM debit card and credit card payment transactions via the internet |
US7110986B1 (en) | 2001-04-23 | 2006-09-19 | Diebold, Incorporated | Automated banking machine system and method |
US7418592B1 (en) * | 2001-04-23 | 2008-08-26 | Diebold, Incorporated | Automated banking machine system and method |
US7159114B1 (en) | 2001-04-23 | 2007-01-02 | Diebold, Incorporated | System and method of securely installing a terminal master key on an automated banking machine |
US7865427B2 (en) | 2001-05-30 | 2011-01-04 | Cybersource Corporation | Method and apparatus for evaluating fraud risk in an electronic commerce transaction |
US7983419B2 (en) * | 2001-08-09 | 2011-07-19 | Trimble Navigation Limited | Wireless device to network server encryption |
US20030084301A1 (en) * | 2001-10-30 | 2003-05-01 | Krawetz Neal A. | System and method for secure data transmission |
US7283154B2 (en) * | 2001-12-31 | 2007-10-16 | Emblaze V Con Ltd | Systems and methods for videoconference and/or data collaboration initiation |
US20030208449A1 (en) * | 2002-05-06 | 2003-11-06 | Yuanan Diao | Credit card fraud prevention system and method using secure electronic credit card |
US8180051B1 (en) | 2002-10-07 | 2012-05-15 | Cisco Technology, Inc | Methods and apparatus for securing communications of a user operated device |
US8582764B2 (en) * | 2003-03-24 | 2013-11-12 | The Western Union Company | Device and method for concealing customer information from a customer service representative |
US20050238152A1 (en) * | 2004-04-26 | 2005-10-27 | Rodrick Darel Tidwell | Prepaid long distance calling card automatic reader dialer |
US20060043170A1 (en) * | 2004-09-02 | 2006-03-02 | Weaver Howard C | Personal account protection system |
US20080282331A1 (en) * | 2004-10-08 | 2008-11-13 | Advanced Network Technology Laboratories Pte Ltd | User Provisioning With Multi-Factor Authentication |
US7676027B2 (en) * | 2005-06-30 | 2010-03-09 | Intel Corporation | Systems and methods to send and receive encrypted DTMF digits in a data flow |
JP4532421B2 (en) | 2006-02-27 | 2010-08-25 | アラクサラネットワークス株式会社 | Network relay device |
CN101087201B (en) * | 2006-06-07 | 2010-05-12 | 陈川 | Phone trading payment system and method |
US8335745B2 (en) | 2006-10-11 | 2012-12-18 | Visa International Service Association | Method and system for processing micropayment transactions |
US10068220B2 (en) | 2006-10-11 | 2018-09-04 | Visa International Service Association | Systems and methods for brokered authentication express seller links |
US8176173B2 (en) * | 2008-09-12 | 2012-05-08 | George Mason Intellectual Properties, Inc. | Live botmaster traceback |
US7827108B2 (en) * | 2008-11-21 | 2010-11-02 | Visa U.S.A. Inc. | System and method of validating a relationship between a user and a user account at a financial institution |
CA3184461A1 (en) | 2009-02-10 | 2010-09-02 | 4361423 Canada Inc. | Apparatus and method for commercial transactions using a communication device |
US9230259B1 (en) | 2009-03-20 | 2016-01-05 | Jpmorgan Chase Bank, N.A. | Systems and methods for mobile ordering and payment |
US8612352B2 (en) | 2010-10-13 | 2013-12-17 | Square, Inc. | Decoding systems with a decoding engine running on a mobile device and coupled to a payment system that includes identifying information of second parties qualified to conduct business with the payment system |
US8676639B2 (en) | 2009-10-29 | 2014-03-18 | Visa International Service Association | System and method for promotion processing and authorization |
US8280788B2 (en) | 2009-10-29 | 2012-10-02 | Visa International Service Association | Peer-to-peer and group financial management systems and methods |
BR122017028173A2 (en) * | 2010-08-25 | 2021-02-23 | Ace Series A Holdco Llc | method for transferring funds |
US8619951B2 (en) * | 2010-12-06 | 2013-12-31 | Kombea Corporation | Systems and methods to securely collect data over a telephone |
US9324065B2 (en) | 2014-06-11 | 2016-04-26 | Square, Inc. | Determining languages for a multilingual interface |
US9760740B1 (en) | 2014-06-23 | 2017-09-12 | Square, Inc. | Terminal case with integrated dual reader stack |
US11080674B1 (en) | 2014-09-19 | 2021-08-03 | Square, Inc. | Point of sale system |
US10753982B2 (en) | 2014-12-09 | 2020-08-25 | Square, Inc. | Monitoring battery health of a battery used in a device |
US11481750B2 (en) | 2015-06-30 | 2022-10-25 | Block, Inc. | Pairing a payment object reader with a point-of-sale terminal |
US11080675B1 (en) | 2015-09-08 | 2021-08-03 | Square, Inc. | Point-of-sale system having a secure touch mode |
US11087315B2 (en) | 2015-09-24 | 2021-08-10 | Square, Inc. | Server-assisted pairing for wireless communications |
US10108412B2 (en) | 2016-03-30 | 2018-10-23 | Square, Inc. | Blocking and non-blocking firmware update |
US10937019B2 (en) | 2016-06-08 | 2021-03-02 | Square, Inc. | Wireless communication system with auxiliary antenna |
US10817869B2 (en) | 2016-06-29 | 2020-10-27 | Square, Inc. | Preliminary enablement of transaction processing circuitry |
US11010765B2 (en) | 2016-06-29 | 2021-05-18 | Square, Inc. | Preliminary acquisition of payment information |
US11871237B1 (en) | 2016-06-30 | 2024-01-09 | Block, Inc. | Pairing a payment object reader with a point-of-sale terminal |
US10402816B2 (en) | 2016-12-31 | 2019-09-03 | Square, Inc. | Partial data object acquisition and processing |
US10621590B2 (en) | 2017-02-22 | 2020-04-14 | Square, Inc. | Line-based chip card tamper detection |
US10733589B2 (en) | 2017-04-28 | 2020-08-04 | Square, Inc. | Point of sale device power management and under voltage protection |
US10949189B2 (en) | 2017-06-28 | 2021-03-16 | Square, Inc. | Securely updating software on connected electronic devices |
US10635820B1 (en) | 2017-09-29 | 2020-04-28 | Square, Inc. | Update policy-based anti-rollback techniques |
US11257058B1 (en) * | 2017-10-30 | 2022-02-22 | Square, Inc. | Sharing output device between unsecured processor and secured processor |
US10410021B1 (en) | 2017-12-08 | 2019-09-10 | Square, Inc. | Transaction object reader with digital signal input/output and internal audio-based communication |
US10970698B1 (en) * | 2017-12-08 | 2021-04-06 | Square, Inc. | Reader detection signal bypassing secure processor |
US11587073B1 (en) * | 2017-12-15 | 2023-02-21 | Worldpay, Llc | Systems and methods for encryption and decryption service for electronic transaction monitoring and reporting |
US11087301B1 (en) | 2017-12-19 | 2021-08-10 | Square, Inc. | Tamper resistant device |
US10762196B2 (en) | 2018-12-21 | 2020-09-01 | Square, Inc. | Point of sale (POS) systems and methods with dynamic kernel selection |
US10990969B2 (en) | 2018-12-21 | 2021-04-27 | Square, Inc. | Point of sale (POS) systems and methods for dynamically processing payment data based on payment reader capability |
US11049095B2 (en) | 2018-12-21 | 2021-06-29 | Square, Inc. | Point of sale (POS) systems and methods with dynamic kernel selection |
US11663368B2 (en) | 2019-09-30 | 2023-05-30 | Block, Inc. | Tamper detection based on removal of fastener from recess |
US11665817B2 (en) | 2019-09-30 | 2023-05-30 | Block, Inc. | Tamper detection based on flexible member connecting circuitry elements |
US10810570B1 (en) | 2019-09-30 | 2020-10-20 | Square, Inc. | Point of sale device with cradle for mobile computing device |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1991007042A1 (en) * | 1989-11-03 | 1991-05-16 | National Transaction Network, Inc. | Portable automated teller machine |
EP0565279A2 (en) * | 1992-04-06 | 1993-10-13 | AT&T Corp. | A universal authentication device for use over telephone lines |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4707592A (en) * | 1985-10-07 | 1987-11-17 | Ware Paul N | Personal universal identity card system for failsafe interactive financial transactions |
US4691344A (en) * | 1986-01-21 | 1987-09-01 | Aquatrol Corporation | Low-powered remote sensor and telephone line transmitter |
JPS6383853U (en) * | 1986-11-20 | 1988-06-01 | ||
US4897865A (en) * | 1988-04-29 | 1990-01-30 | Epic Data, Inc. | Telephone data collection device |
US5157717A (en) * | 1989-11-03 | 1992-10-20 | National Transaction Network, Inc. | Portable automated teller machine |
-
1993
- 1993-03-29 US US08/038,895 patent/US5351296A/en not_active Expired - Lifetime
-
1994
- 1994-03-28 CA CA002159365A patent/CA2159365A1/en not_active Abandoned
- 1994-03-28 EP EP94911733A patent/EP0708950A1/en not_active Withdrawn
- 1994-03-28 AU AU64177/94A patent/AU6417794A/en not_active Abandoned
- 1994-03-28 WO PCT/US1994/003344 patent/WO1994023400A1/en not_active Application Discontinuation
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1991007042A1 (en) * | 1989-11-03 | 1991-05-16 | National Transaction Network, Inc. | Portable automated teller machine |
EP0565279A2 (en) * | 1992-04-06 | 1993-10-13 | AT&T Corp. | A universal authentication device for use over telephone lines |
Also Published As
Publication number | Publication date |
---|---|
CA2159365A1 (en) | 1994-10-13 |
EP0708950A1 (en) | 1996-05-01 |
US5351296A (en) | 1994-09-27 |
AU6417794A (en) | 1994-10-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US5351296A (en) | Financial transmission system | |
US4601011A (en) | User authorization verification apparatus for computer systems including a central device and a plurality of pocket sized remote units | |
US7231372B1 (en) | Method and system for paying for goods or services | |
CN1588386B (en) | System and method for realizing article information detection by radio frequency identification and mobile communication combination | |
US9286605B2 (en) | Secure credit card with near field communications | |
US6023682A (en) | Method and apparatus for credit card purchase authorization utilizing a comparison of a purchase token with test information | |
CA2140803C (en) | Method of authenticating a terminal in a transaction execution system | |
US4849613A (en) | Method and device for making an electronic authentication | |
CN1307594C (en) | Payment system | |
KR970005640B1 (en) | Transaction system | |
US5585787A (en) | Programmable credit card | |
US20020161708A1 (en) | Method and apparatus for performing a cashless payment transaction | |
US8751349B1 (en) | Audio-equipped transaction card systems and approaches | |
CN102880955B (en) | A kind of high safety with fingerprint method of payment | |
CN106375326B (en) | A kind of mobile phone bi-directional verification terminal and method | |
CN103039035A (en) | Short-range secure data communication method based on sound wave or audio, and apparatus thereof | |
CN1118482A (en) | Remote financial transaction system | |
WO2002086826A1 (en) | Financial information input method using symmetrical key security algorithm and commercial transaction system for mobile communications | |
US20010027116A1 (en) | Electronic wallet | |
US20020095580A1 (en) | Secure transactions using cryptographic processes | |
WO2007071157A1 (en) | A recognition method for electronic payment and id authentication terminal and atm | |
JP2001351155A (en) | Payment authenticating method of automatic vending machine using portable telephone, and payment authentication system | |
KR0170165B1 (en) | Home banking terminal unit using smart card and its operation method | |
RU2216773C2 (en) | Clearing system | |
KR0170164B1 (en) | Firm banking terminal unit using smart card and its operation method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AT AU BB BG BR BY CA CH CN CZ DE DK ES FI GB HU JP KP KR KZ LK LU LV MG MN MW NL NO NZ PL PT RO RU SD SE SI SK TT UA US UZ VN |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE CH DE DK ES FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2159365 Country of ref document: CA |
|
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1994911733 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 1994911733 Country of ref document: EP |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 1994911733 Country of ref document: EP |