WO1997010562A1 - Programming interface for a smart card kiosk - Google Patents

Programming interface for a smart card kiosk Download PDF

Info

Publication number
WO1997010562A1
WO1997010562A1 PCT/US1996/014658 US9614658W WO9710562A1 WO 1997010562 A1 WO1997010562 A1 WO 1997010562A1 US 9614658 W US9614658 W US 9614658W WO 9710562 A1 WO9710562 A1 WO 9710562A1
Authority
WO
WIPO (PCT)
Prior art keywords
kiosk
card
smaπ
application
functions
Prior art date
Application number
PCT/US1996/014658
Other languages
French (fr)
Inventor
G. Fred Renner
Lisa Anne Mccauley
Original Assignee
Cybermark, L.L.C.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Cybermark, L.L.C. filed Critical Cybermark, L.L.C.
Priority to AU70197/96A priority Critical patent/AU7019796A/en
Publication of WO1997010562A1 publication Critical patent/WO1997010562A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0866Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by active credit-cards adapted therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/18Payment architectures involving self-service terminals [SST], vending machines, kiosks or multimedia terminals
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/363Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes with the personal data of a user
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F17/00Coin-freed apparatus for hiring articles; Coin-freed facilities or services
    • G07F17/0014Coin-freed apparatus for hiring articles; Coin-freed facilities or services for vending, access and use of specific services not covered anywhere else in G07F17/00
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F17/00Coin-freed apparatus for hiring articles; Coin-freed facilities or services
    • G07F17/16Coin-freed apparatus for hiring articles; Coin-freed facilities or services for devices exhibiting advertisements, announcements, pictures or the like

Definitions

  • This invention relates generally to computer terminals in systems which use smart cards (i.e. , cards having an embedded microprocessor) for various purposes More particularly, the invention provides a kiosk having a set of software services which allows vendors to interact with sma ⁇ cards inserted into the kiosk in order to perform vanous functions
  • Providmg computer terminals in various types of systems which allow services to be purchased using smart cards is also well known.
  • conventional computer terminals in such systems use proprietary designs which make it difficult, if not impossible, for third party vendors (or "application service providers") to gam access to smart cards inse ⁇ ed into the terminals.
  • Pan of this problem may stem from the fact that operators of such systems assume that all services will be provided directly by the system operator The system operator in effect has a monopoly on determining what services will be provided, how they will be provided, and the details of interfaces to the sma ⁇ cards.
  • a third pa ⁇ y vendor who wishes to provide a service to cardholders in the system has no easy way to "plug into” the computer terminal to provide such services.
  • system operators may use proprietary data storage techniques to install various types of applications and data on sma ⁇ cards which are to be used in the computer terminal, thus making it difficult for third pa ⁇ y application service providers to gain access to specific info ⁇ nation on the cards. Even assuming that third pa ⁇ y providers were given access to the cards, there is no way to ensure that each vendor's data could be protected from access or modification by another vendor's application or by the system operator. Thus, vendors might be discouraged from providing their applications in the computer terminal in the absence of security provisions to prevent tampering with their applications or data on the sma ⁇ cards pertaining to their applications. Finally , providing a plurality of different applications for use with a single sma ⁇ card creates a configuration management problem when changes are made to the applications.
  • the present invention solves the aforementioned problems by providing a kiosk which provides a variety of application-level services for sma ⁇ card- related applications.
  • the invention provides an interface for vendors to install applications in a kiosk in order to conduct transactions with sma ⁇ card users.
  • the interface includes, in various embodiments and combinations, an operator interface including display and data entry functions, card data access services which can be used independently of the type of sma ⁇ card or file structures used on the cards, stored value functions which can be used independently of the type of sma ⁇ card or file structures used on the cards, and various security and PIN pad functions.
  • the sma ⁇ card kiosk can accept different types of sma ⁇ cards and hide those differences from applications which interact with the sma ⁇ cards.
  • the invention provides a kiosk which allows applications and corresponding data structures on a sma ⁇ card to be automatically updated, without the cardholder's knowledge, when the card is inse ⁇ ed into Lhe kiosk.
  • Such an automatic update function can be used to correct defective applications previously installed on the sma ⁇ card, to add new applications, or to change parameters associated with existing applications. It can also be used to pa ⁇ ially disable certain functions or applications without forcing the cardholder to entirely give up possession of Lhe card.
  • the invention provides a kiosk in which various counters and other information maintained on each sma ⁇ card can be automatically extracted and uploaded to a system server each time the sma ⁇ card is used in the kiosk.
  • This automated collection process facilitates statistical analysis in the system server.
  • the system may be employed on a college campus or at a company-wide location with devices coupled through a local area network or wide area network as suited to the pa ⁇ icular geography.
  • FIG. 1 shows a kiosk hardware configuration in accordance with various embodiments of the invention.
  • FIG. 2 shows one possible software arrangement for providing application-level services in a kiosk in accordance with various principles of the invention.
  • FIG. 3 shows a series of steps which may be performed to control the operation of applications at a kiosk.
  • FIG. 4 shows some of the applications which are contemplated as being provided on a kiosk in accordance with the invention.
  • FIG. 5 shows how personal information may be provided to a cardholder.
  • FIG. 6 shows a series of steps which may be carried out to revalue a stored value card at a kiosk.
  • FIG. 7 shows how a merchant ordering application may be provided at a kiosk.
  • FIG. 8 A and 8B show various pre-specified screen templates which may be used to create information displays at a kiosk. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
  • FIG. 1 shows a hardware configuration for a kiosk in accordance with various embodiments of the invention.
  • Kiosk 100 may be coupled to a system server 101 over a network 113 such as a LAN or WAN using client-server protocols such as a DCE/Encina protocol for communication between the kiosk 100 and system server 101.
  • System server 101 may in turn be coupled to one or more financial networks 110 to perform financial transactions such as on-line debits, credit transactions, and funds transfers.
  • Additional kiosks 111 and 112 may also be coupled to system server 101 over network 113, it being understood that the hardware and software descriptions pertaining to kiosk 100 also apply to these other kiosks.
  • a vendor computer 114 may be coupled to system server 101 through any of various means, such as computer networks, modems or the like.
  • Kiosk 100 includes a computer and memory 102 coupled to various peripheral devices including CD-ROM unit 10 4 , LAN interface 103, a secure access module (SAM) 105, encrypted PIN pad 106, a card reader 107 which may comprise a hybrid card reader able to read sma ⁇ cards which have a magnetic stripe, display unit 108 which may comprise a touch panel display, and a printer 109 which may be used for printing receipts of transactions.
  • SAM secure access module
  • card reader 107 which may comprise a hybrid card reader able to read sma ⁇ cards which have a magnetic stripe
  • display unit 108 which may comprise a touch panel display
  • printer 109 which may be used for printing receipts of transactions.
  • computer 102 may comprise an Intel-based microprocessor running the WindowsTM operating system.
  • a cardholder inserts a smart card into card reader 107, views various options on display 108 for performing transactions, makes selections based on the displayed information, and obtains a receipt from printer 109.
  • the kiosk may be arranged to perform certain functions without inse ⁇ ing a sma ⁇ card. For example, informational services may be provided to users without the use of sma ⁇ cards.
  • the kiosk 100 in FIG. 1 is illustrated as being equipped with peripherals which are suitable for a "stand-alone" configuration, such as might be placed in a shopping mall, a public place on a college campus, or a similar setting.
  • kiosk 100 is also contemplated for a "private" setting such as for use in a person's home.
  • This variation while still generally configured as shown in FIG. 1, is preferably configured to operate on a PC-type home computer and may omit certain peripherals such as PIN pad 106, and may use a regular CRT type display instead of a touch panel display.
  • Each kiosk may be configured with applications which allow users (including sma ⁇ card holders) to conveniently retrieve information, and to order and pay for goods and services.
  • the kiosk may provide an application which displays the daily or weekly menu for cafeterias on the campus.
  • the kiosk may provide an application which allows a card holding student to design and order copies of a resume which are then printed at a print shop for later delivery or pick-up. The latter could be done from the convenience of the student's PC configured as a kiosk in accordance with the principles of the invention.
  • Other applications and features are described in more detail herein.
  • FIG. 2 shows one possible software arrangement for providing application-level services in a kiosk in accordance with various principles of the invention. It is contemplated that the software features and structure shown in FIG. 2 is installed and operating on kiosk 100 shown in FIG. 1. As shown in
  • FIG. 2 a set of kiosk applications 200 is provided on top of a plurality of application level kiosk services 201 through 207.
  • application level services may include, in various embodiments, an operator interface 201, kiosk server 202, card data access functions 203, stored value functions 204, security functions 205, PIN pad functions 206, and automatic update functions 207.
  • Operator interface 201 preferably provides a set of windowing functions, an "attract" screen which operates when the kiosk is idle, a set of standard templates which can be used by vendors to design an operator interface suitable for a pa ⁇ icular application, and an order selection and accumulation function for compiling order information for applications which sell goods or services.
  • Operator interface 201 preferably hides implementation details of display 209, such that vendors developing kiosk applications need only make function calls to services in operator interface 201.
  • the encapsulation and abstractions provided by operator interface 201 thus simplify and standardize the task of creating vendor applications which operate harmoniously on kiosk 100.
  • Kiosk server 202 includes, in various embodiments, internal message routing functions for transmitting data among applications, and a kiosk control function for scheduling applications based on menu selections made by a user/cardholder.
  • Card data access functions 203 includes a set of functions which may be used to retrieve, modify and store data contained on a sma ⁇ card which has been inse ⁇ ed into sma ⁇ card reader 210.
  • Stored value functions 204 preferably include a group of functions which allow stored value on a sma ⁇ card to be decremented or incremented as pan of a devalue or revalue transaction.
  • a sma ⁇ card application programming interface (SCRAPI) 208 preferably provides a means of isolating differences among different types of sma ⁇ cards from kiosk applications, as disclosed in parent application serial number 08/414,495.
  • SCRAPI application programming interface
  • one type of sma ⁇ card may directly provide purse manipulation functions, while another vendor's sma ⁇ card may not.
  • One feature of SCRAPI 208 is thus to hide such differences from kiosk applications 200 so that each vendor need not be aware of the various types of sma ⁇ cards used in the kiosk.
  • a group of security functions 205 is preferably included to allow various kiosk applications to perform authentication, encryption/decryption, and other related functions in conjunction with sma ⁇ cards used in the kiosk.
  • such functions may be provided by a secure access module (SAM) 211 which may be implemented in hardware or software.
  • SAM secure access module
  • Security functions 205 preferably isolate kiosk applications 200 from specific implementation details of SAM 211.
  • a kiosk-to-card authentication process occurs using security functions 205.
  • the authentication of a sma ⁇ card using derived keys is well known and thus not explained in detail here.
  • a group of PIN pad functions 206 is included in various embodiments to allow kiosk applications to interface with an encrypted pin pad 212.
  • a set of automatic update functions 207 is included in various embodiments to automatically collect information from smart cards inserted into the kiosk, to automatically enable or disable functions on smart cards used in the kiosk, and to automatically update code and data in the kiosk.
  • FIG. 3 shows a series of steps which may be performed in kiosk 100 in accordance with the software shown in FIG. 2.
  • an "attract" screen is displayed on display 209 during an idle state.
  • This screen may comprise a "screen saver” type of image which moves across display 209 and serves to entice passersby to use the kiosk.
  • the "attract" screen may include a campus logo or other type of image tailored to the particular campus.
  • the image may comprise a company logo or a safety reminder, for example.
  • a test is made to determine whether any users are present, as might be determined by the pressing of a button or a touch-screen display, by detecting that a user has inse ⁇ ed a card, or by the output of a motion detector. If no users are present, then in step 303 a test is made to determine whether any remote updates from system server 101 need to be made. Examples of such updates include changing the daily menu for a campus cafeteria, installing new applications, or downloading other information used by various applications on Lhe kiosk. One of ordinary skill in the an will recognize that rather than "polling" the server to determine whether any such updates are available, such updates may be automatically initiated by system server 101.
  • the updates may preferably be made in two stages: a first stage in which files are downloaded from the server, and a second stage in which the downloaded info ⁇ nation is installed as the operative configuration in the kiosk.
  • a Remote Code Update (RCU) software utility available from Tivoli, Inc. may be used to install code and data changes.
  • the data download stage may be performed concurrently with the execution of various applications at the kiosk, the installation stage is preferably performed while the kiosk is disabled to prevent users from attempting to use the kiosk.
  • the display is preferably locked out (assuming that it is not currently in use) to prevent users from accessing the applications.
  • step 305 the changes to code and/ ⁇ r data are installed in the kiosk, then in step 306 the display is unlocked to allow users to again use the kiosk.
  • a main menu is displayed on display 108 preferably under the control of kiosk server 202.
  • the customer makes a selection from Lhe menu, which may comprise any of various applications such as those shown in FIG. 4.
  • kiosk 100 may be generally classified into one of two types: free applications for which no payment is necessary and no card is required, and payment applications, for which the user must provide payment in the form of a stored value debit, an on-line bank debit, or a credit card transaction.
  • free applications for which no payment is necessary and no card is required
  • payment applications for which the user must provide payment in the form of a stored value debit, an on-line bank debit, or a credit card transaction.
  • step 308 the customer is prompted to inse ⁇ his sma ⁇ card, which may comprise a GEMPLUS MPCOSTM card for example.
  • kiosk 100 automatically extracts counters from the inse ⁇ ed card under the control of automatic update functions 207 and transmits them to server 101 for statistical purposes. Examples of counters which may be extracted from the inse ⁇ ed card include the following:
  • a check is made based on information received from server 101 as to whether any updates need to be made to the card.
  • Such updates can include the installation of new applications (for example, adding a meal plan to the card, or adding library privileges), modification of existing applications (for example, changing the meal plan a student is entitled to use), or deletion/disabling of existing applications (for example, revoking library or parking privileges).
  • system server 101 can disable the card the first time it is inserted into a kiosk durin ⁇ an attempted use by a finder of the card.
  • step 311 if any such changes are needed, the changes can be installed directly on the card without the cardholder's intervention.
  • a student's parking privileges may be revoked, and the student directly notified on the kiosk display, without disabling the entire smart card.
  • updates made to the sma ⁇ card 311 are preferably controlled from central server 101 such that the server maintains an inventory of the services and features which are available to the cardholder. Updates may be made by deleting a file on the card or setting a flag contained in a file on the card.
  • Updates may be made by deleting a file on the card or setting a flag contained in a file on the card.
  • step 310 if no card updates are pending, then in step 312 the application selected by Lhe user is executed.
  • the selected application may comprise any of those shown in FIG. 4, or others as suitable for the particular kiosk.
  • the selected application is executed in step 312 (assuming that the particular application has not been disabled).
  • the kiosk returns to an idle state in which the attract screen is displayed (step 301). The card may remain in the kiosk while the cardholder uses multiple applications.
  • FIG. 4 illustrates some of the many applications which are contemplated as being provided on kiosk 100.
  • General information applications 401 may be provided at kiosk 100 without the need to insert a card into card reader 107.
  • General information applications include maps of a campus or company location, menus for a cafeteria or restaurant updated daily or weekly, schedules of various events such as sporting events and library hours, advertisements for various types of products or services, or club information.
  • the information needed to display the information depicted may be stored in computer memory 102 (which may include RAM, ROM, and/or disk) or CD- ROM unit 104 (see FIG. 1). Changes to the information provided by these applications may be made via automatic update functions 207 (see FIG. 2).
  • general information applications display information selected by a user from touch screen display 108.
  • One of ordinary skill in the an will recognize how to construct such information displays using information stored within kiosk 100.
  • the information may be provided through a set of window functions such as are provided by the Microsoft WindowsTM operating system. Additional functions may be provided to augment basic windowing functions provided by the operating system, and templates (see below) may be used to provide a limited set of "standard" display formats.
  • Personal information applications 402 allow a cardholder to access personal information stored on a sma ⁇ card or maintained in system server 101. It is generally contemplated that a cardholder needs to supply a PIN in order to access information such as the cardholder's name/address and other information, the status of various functions active on the card (such as displaying the meal plan currently active), grades, or the status of various financial accounts maintained in system server 101 or other computers.
  • FIG. 5 shows how personal information may be provided to a cardholder.
  • the user is prompted to enter his PIN which was previously assigned.
  • the user's PIN is verified, preferably using a PIN checking function on the card through the use of security functions 205 (see FIG. 2).
  • a determination is made as to whether the information is of a type stored on the sma ⁇ card. If not, then in step 504 a request is made to server 101 to supply the requested information. If the information is stored on the card (such as a list of card functions and their status), then in step 505 the information is extracted from the sma ⁇ card, preferably using card data access functions 203 (FIG. 2).
  • the information obtained either from the card or from server 101 is displayed to the user on display 108. It will be recognized that certain applications, such as the display of a student's grades, may be limited to a
  • Revalue card applications 403 provide a cardholder with the ability to add stored value to an inserted smart card using either an on-line bank debit transaction, an on-line credit card transaction, or inse ⁇ ing cash.
  • FIG. 6 shows a series of steps which may be carried out to revalue a stored value card at kiosk 100. Beginning in step 601, the user selects a payment type (i.e. , debit, credit, or cash).
  • a payment type i.e. , debit, credit, or cash
  • step 602 if it is determined that a debit payment is to be conducted, then in step 603 the user is prompted for his personal bank PIN (not to be confused with PINs used to authenticate the user with respect to the stored value card itself), and in step 604 an on-line bank debit transaction is initiated from system server 101 and the user's private bank account through financial network 110.
  • This step may include steps of extracting the user's bank account information from a magnetic stripe on the stored value card, combining it with the user's PIN (which may be provided in encrypted form via PIN pad 106 and extracted via PIN pad functions 206), and forwarding the request to system server 101 to initiate the bank transfer operation.
  • the kiosk may be provided with a separate magnetic card reader which accepts the user's bank debit card to supply this information.
  • Bank transfers may be carried out through any of various banking services, such as those provided by Gensar, a company which provides such services in certain regions of the country
  • step 606 a bank credit transaction is initiated, preferably using credit card account information obtained either from a magnetic stripe on the user's stored value card, or from a separate credit card inse ⁇ ed by the user into a magnetic stripe reader (it will be appreciated that the same hybrid reader can be used for both card types).
  • a credit transaction is initiated from system server 101 through financial network 110 or other bank-to-bank protocols to obtain a credit authorization.
  • step 607 cash may be used to revalue the card. This step involves the user's inse ⁇ ion of bills into a bill acceptor (not shown) to accept the money
  • step 608 the value on the stored value card is updated to reflect the payment made by the user.
  • this transaction is conducted on-line with system server 101 using an anonymous account number which cannot be traced to the pamcular cardholder (see copending application serial number 08/ ).
  • m step 609 a receipt is generated using printer 109 (see FIG. 1).
  • card balance and transactions application 404 will be described.
  • a cardholder may immediately view the card's balance on display 108.
  • This feature preferably includes the step of using stored value functions 204 (see FIG. 2) to retrieve the card's balance while hiding details of the stored value function implementation on the pamcular card.
  • the cardholder may view the last 10 or so transactions stored on the card upon entry of a PIN which is verified locally with the stored value card, preferably through the use of security functions 205 (see FIG. 2).
  • Merchant ordering applications 405 may include any of various types of applications which require payment by a user. For example, a user may order food such as pizzas, order goods from one or more catalogs the contents of which are accessible at kiosk 100, order books, or order items such as clothing from advertisements or other displayable images on kiosk 100.
  • merchants may be provided with software services such as these shown in FIG. 2 in order to design applications which arc executed on kiosk 100.
  • a set of standard templates may be used to create pre-defined images for presenting options to the user, making item selections, and for accumulating order totals and the like. Providing a limited set of such standard templates enhances commonality among applications provided at the kiosk and simplifies the task of developing kiosk-based applications.
  • FIG. 7 shows how a generic merchant ordering application may be provided at kiosk 100.
  • the user inserts his stored value card (or bank debit card, or credit card) into card reader 107.
  • a merchant menu display is provided under the control of kiosk server 202; the menu contains items defined by the particular merchant. For example, a pizza merchant might provide a display of different pizza sizes and toppings, while a catalog merchant might provide an opening display of a catalog page with options for paging through the catalog or performing a keyword search in the catalog.
  • the customer selects the particular product or service from the display.
  • step 704 if the customer's payment is to be from the stored value card itself, then in step 705 the value on the card is decremented according to the order total.
  • step 706 a record of the stored value transaction is stored in kiosk 100 in a memory area, and in step 707 the specific merchant's merchandise is authorized (for example, an order can be placed in vendor computer 114 from system server 101). Payment to the vendor may be effected during a settlement process as described more fully in copending application serial number 08/ .
  • step 709 the customer is prompted to enter his bank PIN, and in step 710 an on-line bank debit operation is performed in a manner similar to that shown and described with reference to FIG. 6.
  • step 707 the merchant's order for goods or services is authorized, again preferably by communicating with vendor computer 114. It will be appreciated that many different vendor computers may be provided in communication with system server 101. If in step 711 it is determined that payment will be made using a credit transaction, then in step 712 an on-line credit transaction is performed using steps similar to those described with reference to FIG. 6. Finally, in step 707 the specific merchant's transaction is authorized.
  • a group of content delivery applications 406 may also be provided on kiosk 100.
  • these may comprise the sale of information using payment mechanisms shown in FIG. 7 with reference to merchant ordering applications.
  • Content delivery applications may include ordering excerpts from various books (including the payment of applicable copyright royalty clearance fees) or performing on-line research using databases which require payment for searches.
  • on-demand printing applications 407 may be provided at kiosk 100.
  • These services can include the formatting and content generation for resumes, papers (such as a thesis or book), or business cards.
  • the payment mechanisms for these applications may be effected in the same manner as merchant ordering applications discussed above.
  • the user may be required to provide substantially more info ⁇ nation.
  • a draft copy of a resume in word processor format may be required.
  • resumes and business cards and the like the user may be prompted to select from a variety of styles and print quantities.
  • these services are analogous to an on-line print shop. However, they can be provided cheaply and effectively from a smart card kiosk either at a public location or at a private kiosk in a student's home computer.
  • FIGs. 8A and 8B show various pre-specified screen templates which may be used to create information displays at kiosk 100.
  • Screen template 800 for example, may be used for displaying a simple image, while screen template 802 may be used for displaying a "rich text file" next to an image on the same screen.
  • These predefined screen templates may be provided as part of operator interface 201 to allow various merchants and application developers to gain provide applications at kiosk 100.
  • a first key may be used for performing card value/devalue operations; a second key may be used for a second application, a third key may be used for a third application, and so forth.
  • a first key may be used for performing card value/devalue operations; a second key may be used for a second application, a third key may be used for a third application, and so forth.
  • data accessed on each card can be maintained with a higher degree of security, in that the compromise of a single key affecting a single application would not necessarily compromise other applications on the card.
  • a kiosk including a set of application level services which provides a convenient way of paying for and ordering various types of goods and services, and for obtaining information relevant to a particular kiosk location.
  • the kiosk may automatically extract usage information from cards used in the kiosk and provide this information to a system server for statistical analysis. Additionally, code and data in the kiosk may be updated from the system server, and functions and data on each cardholder's sma ⁇ card may be updated automatically without the user's intervention when the card is inse ⁇ ed into a kiosk.

Abstract

A kiosk for use with smart cards includes a plurality of software services (200) accessible by one or more application programs executing in the kiosk through an application programming interface. The software services include operator interface functions (201), card data access functions (203), smart card stored value functions (204), and security functions (205). Various applications may be provided in the kiosk including applications for information access, card revalue operations, merchant ordering, and content delivery services. An automatic update feature (207) may be used to update data and code in the kiosk, and functions on smart cards which are inserted into the kiosk.

Description

PROGRAMMING INTERFACE FOR A SMART CARD KIOSK
This application is a continuation-in-part of U . S . application serial number 08/414,495, filed on March 31 , 1995, which is incorporated by reference herein This application is also related in subject matter to commonly assigned copending application serial no. 08/ , entitled "Stored Value Transaction
System and Method Using Anonymous Account Numbers", filed on the same date herewith.
BACKGROUND OF THE INVENTION 1 Technical Field
This invention relates generally to computer terminals in systems which use smart cards (i.e. , cards having an embedded microprocessor) for various purposes More particularly, the invention provides a kiosk having a set of software services which allows vendors to interact with smaπ cards inserted into the kiosk in order to perform vanous functions
2. Related Information
The use of smart cards to perform vanous types of transactions in systems is well known. For example, some systems provide a way for a cardholder to install a fixed amount of cash equivalent value onto a smart card and to spend the value on Lhe card by inserting the card into any ot various types of devices, such as vending machines. After the value on a card is exhausted, the cardholder may "revalue" the card by inserting it into a machine and then inserting cash, a debit card, or a credit card to transfer additional funds to the smart card.
Providmg computer terminals in various types of systems which allow services to be purchased using smart cards is also well known. However, conventional computer terminals in such systems use proprietary designs which make it difficult, if not impossible, for third party vendors (or "application service providers") to gam access to smart cards inseπed into the terminals. Pan of this problem may stem from the fact that operators of such systems assume that all services will be provided directly by the system operator The system operator in effect has a monopoly on determining what services will be provided, how they will be provided, and the details of interfaces to the smaπ cards. Thus, a third paπy vendor who wishes to provide a service to cardholders in the system has no easy way to "plug into" the computer terminal to provide such services. Additionally, system operators may use proprietary data storage techniques to install various types of applications and data on smaπ cards which are to be used in the computer terminal, thus making it difficult for third paπy application service providers to gain access to specific infoπnation on the cards. Even assuming that third paπy providers were given access to the cards, there is no way to ensure that each vendor's data could be protected from access or modification by another vendor's application or by the system operator. Thus, vendors might be discouraged from providing their applications in the computer terminal in the absence of security provisions to prevent tampering with their applications or data on the smaπ cards pertaining to their applications. Finally , providing a plurality of different applications for use with a single smaπ card creates a configuration management problem when changes are made to the applications. For example, if a single smaπ card is configured to suppoπ an access control application, a library book check-out application, a cafeteria meal plan application, and a stored value "spend" function which can be used in vending machines and the like, changes to any one of these applications would require that Lhe smaπ card be returned to a common location and the card reconfigured to suppoπ the change. Requiring that a cardholder return to a central location to install the changes causes an inconvenience and lessens the utility of the card. The term "kiosk" will be used herein to refer to a computer-based transaction terminal which provides services to smaπ card users. SUMMARY OF THE INVENTION
The present invention solves the aforementioned problems by providing a kiosk which provides a variety of application-level services for smaπ card- related applications. In paπicular, the invention provides an interface for vendors to install applications in a kiosk in order to conduct transactions with smaπ card users. The interface includes, in various embodiments and combinations, an operator interface including display and data entry functions, card data access services which can be used independently of the type of smaπ card or file structures used on the cards, stored value functions which can be used independently of the type of smaπ card or file structures used on the cards, and various security and PIN pad functions.
In accordance with the principles of the invention disclosed in parent application serial number 08/414,495, incorporated herein by reference, the smaπ card kiosk can accept different types of smaπ cards and hide those differences from applications which interact with the smaπ cards.
Additionally, the invention provides a kiosk which allows applications and corresponding data structures on a smaπ card to be automatically updated, without the cardholder's knowledge, when the card is inseπed into Lhe kiosk. Such an automatic update function can be used to correct defective applications previously installed on the smaπ card, to add new applications, or to change parameters associated with existing applications. It can also be used to paπially disable certain functions or applications without forcing the cardholder to entirely give up possession of Lhe card.
Finally, the invention provides a kiosk in which various counters and other information maintained on each smaπ card can be automatically extracted and uploaded to a system server each time the smaπ card is used in the kiosk. This automated collection process facilitates statistical analysis in the system server. The system may be employed on a college campus or at a company-wide location with devices coupled through a local area network or wide area network as suited to the paπicular geography. Various other objects and advantages of the present invention will become apparent through the following detailed description, figures, and the appended claims.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 shows a kiosk hardware configuration in accordance with various embodiments of the invention.
FIG. 2 shows one possible software arrangement for providing application-level services in a kiosk in accordance with various principles of the invention.
FIG. 3 shows a series of steps which may be performed to control the operation of applications at a kiosk.
FIG. 4 shows some of the applications which are contemplated as being provided on a kiosk in accordance with the invention.
FIG. 5 shows how personal information may be provided to a cardholder.
FIG. 6 shows a series of steps which may be carried out to revalue a stored value card at a kiosk.
FIG. 7 shows how a merchant ordering application may be provided at a kiosk.
FIG. 8 A and 8B show various pre-specified screen templates which may be used to create information displays at a kiosk. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
FIG. 1 shows a hardware configuration for a kiosk in accordance with various embodiments of the invention. Kiosk 100 may be coupled to a system server 101 over a network 113 such as a LAN or WAN using client-server protocols such as a DCE/Encina protocol for communication between the kiosk 100 and system server 101. System server 101 may in turn be coupled to one or more financial networks 110 to perform financial transactions such as on-line debits, credit transactions, and funds transfers. Additional kiosks 111 and 112 may also be coupled to system server 101 over network 113, it being understood that the hardware and software descriptions pertaining to kiosk 100 also apply to these other kiosks. A vendor computer 114 may be coupled to system server 101 through any of various means, such as computer networks, modems or the like.
The interaction between these various components is described in more detail herein.
Kiosk 100 includes a computer and memory 102 coupled to various peripheral devices including CD-ROM unit 104, LAN interface 103, a secure access module (SAM) 105, encrypted PIN pad 106, a card reader 107 which may comprise a hybrid card reader able to read smaπ cards which have a magnetic stripe, display unit 108 which may comprise a touch panel display, and a printer 109 which may be used for printing receipts of transactions. The arrangement shown in FIG. 1 is exemplary and is not intended to be limiting. In various embodiments, computer 102 may comprise an Intel-based microprocessor running the Windows™ operating system.
In general, a cardholder inserts a smart card into card reader 107, views various options on display 108 for performing transactions, makes selections based on the displayed information, and obtains a receipt from printer 109. The kiosk may be arranged to perform certain functions without inseπing a smaπ card. For example, informational services may be provided to users without the use of smaπ cards.
The kiosk 100 in FIG. 1 is illustrated as being equipped with peripherals which are suitable for a "stand-alone" configuration, such as might be placed in a shopping mall, a public place on a college campus, or a similar setting.
However, a variation of kiosk 100 is also contemplated for a "private" setting such as for use in a person's home. This variation, while still generally configured as shown in FIG. 1, is preferably configured to operate on a PC-type home computer and may omit certain peripherals such as PIN pad 106, and may use a regular CRT type display instead of a touch panel display.
Each kiosk may be configured with applications which allow users (including smaπ card holders) to conveniently retrieve information, and to order and pay for goods and services. For example, for a college campus setting, the kiosk may provide an application which displays the daily or weekly menu for cafeterias on the campus. As another example, the kiosk may provide an application which allows a card holding student to design and order copies of a resume which are then printed at a print shop for later delivery or pick-up. The latter could be done from the convenience of the student's PC configured as a kiosk in accordance with the principles of the invention. Other applications and features are described in more detail herein.
FIG. 2 shows one possible software arrangement for providing application-level services in a kiosk in accordance with various principles of the invention. It is contemplated that the software features and structure shown in FIG. 2 is installed and operating on kiosk 100 shown in FIG. 1. As shown in
FIG. 2, a set of kiosk applications 200 is provided on top of a plurality of application level kiosk services 201 through 207. These application level services may include, in various embodiments, an operator interface 201, kiosk server 202, card data access functions 203, stored value functions 204, security functions 205, PIN pad functions 206, and automatic update functions 207.
Operator interface 201 preferably provides a set of windowing functions, an "attract" screen which operates when the kiosk is idle, a set of standard templates which can be used by vendors to design an operator interface suitable for a paπicular application, and an order selection and accumulation function for compiling order information for applications which sell goods or services.
Operator interface 201 preferably hides implementation details of display 209, such that vendors developing kiosk applications need only make function calls to services in operator interface 201. The encapsulation and abstractions provided by operator interface 201 thus simplify and standardize the task of creating vendor applications which operate harmoniously on kiosk 100.
Kiosk server 202 includes, in various embodiments, internal message routing functions for transmitting data among applications, and a kiosk control function for scheduling applications based on menu selections made by a user/cardholder.
Card data access functions 203 includes a set of functions which may be used to retrieve, modify and store data contained on a smaπ card which has been inseπed into smaπ card reader 210. Stored value functions 204 preferably include a group of functions which allow stored value on a smaπ card to be decremented or incremented as pan of a devalue or revalue transaction.
Additionally, a smaπ card application programming interface (SCRAPI) 208 preferably provides a means of isolating differences among different types of smaπ cards from kiosk applications, as disclosed in parent application serial number 08/414,495. For example, one type of smaπ card may directly provide purse manipulation functions, while another vendor's smaπ card may not. One feature of SCRAPI 208 is thus to hide such differences from kiosk applications 200 so that each vendor need not be aware of the various types of smaπ cards used in the kiosk.
A group of security functions 205 is preferably included to allow various kiosk applications to perform authentication, encryption/decryption, and other related functions in conjunction with smaπ cards used in the kiosk. In various embodiments, such functions may be provided by a secure access module (SAM) 211 which may be implemented in hardware or software. Security functions 205 preferably isolate kiosk applications 200 from specific implementation details of SAM 211. In general, where a stored value card is used, a kiosk-to-card authentication process occurs using security functions 205. The authentication of a smaπ card using derived keys is well known and thus not explained in detail here. A group of PIN pad functions 206 is included in various embodiments to allow kiosk applications to interface with an encrypted pin pad 212.
Finally, a set of automatic update functions 207 is included in various embodiments to automatically collect information from smart cards inserted into the kiosk, to automatically enable or disable functions on smart cards used in the kiosk, and to automatically update code and data in the kiosk.
FIG. 3 shows a series of steps which may be performed in kiosk 100 in accordance with the software shown in FIG. 2. Beginning in step 301 , an "attract" screen is displayed on display 209 during an idle state. This screen may comprise a "screen saver" type of image which moves across display 209 and serves to entice passersby to use the kiosk. For a college campus setting, the "attract" screen may include a campus logo or other type of image tailored to the particular campus. For a company-wide location, the image may comprise a company logo or a safety reminder, for example. In step 302, a test is made to determine whether any users are present, as might be determined by the pressing of a button or a touch-screen display, by detecting that a user has inseπed a card, or by the output of a motion detector. If no users are present, then in step 303 a test is made to determine whether any remote updates from system server 101 need to be made. Examples of such updates include changing the daily menu for a campus cafeteria, installing new applications, or downloading other information used by various applications on Lhe kiosk. One of ordinary skill in the an will recognize that rather than "polling" the server to determine whether any such updates are available, such updates may be automatically initiated by system server 101. The updates may preferably be made in two stages: a first stage in which files are downloaded from the server, and a second stage in which the downloaded infoπnation is installed as the operative configuration in the kiosk. In various embodiments, a Remote Code Update (RCU) software utility available from Tivoli, Inc. may be used to install code and data changes. Although the data download stage may be performed concurrently with the execution of various applications at the kiosk, the installation stage is preferably performed while the kiosk is disabled to prevent users from attempting to use the kiosk. Accordingly, after data and/or code is downloaded from server 101 , in step 304 the display is preferably locked out (assuming that it is not currently in use) to prevent users from accessing the applications. In step 305, the changes to code and/υr data are installed in the kiosk, then in step 306 the display is unlocked to allow users to again use the kiosk.
In step 307, assuming that a user is present and no updates are currently in progress, a main menu is displayed on display 108 preferably under the control of kiosk server 202. The customer makes a selection from Lhe menu, which may comprise any of various applications such as those shown in FIG. 4.
Applications on kiosk 100 may be generally classified into one of two types: free applications for which no payment is necessary and no card is required, and payment applications, for which the user must provide payment in the form of a stored value debit, an on-line bank debit, or a credit card transaction. Assuming that the customer has selected an application for which payment is necessary, then in step 308 the customer is prompted to inseπ his smaπ card, which may comprise a GEMPLUS MPCOS™ card for example. In step 309, kiosk 100 automatically extracts counters from the inseπed card under the control of automatic update functions 207 and transmits them to server 101 for statistical purposes. Examples of counters which may be extracted from the inseπed card include the following:
- number of transactions for which the card has been used - number, time, location, etc. of access control readers, such as parking garages or door locks in which the card has been used
- number of library transactions for which the card has been used
- number of meal plan transactions for which the card has been used In step 310, a check is made based on information received from server 101 as to whether any updates need to be made to the card. Such updates can include the installation of new applications (for example, adding a meal plan to the card, or adding library privileges), modification of existing applications (for example, changing the meal plan a student is entitled to use), or deletion/disabling of existing applications (for example, revoking library or parking privileges). As another example, if a cardholder loses his card and repoπs its loss, system server 101 can disable the card the first time it is inserted into a kiosk durinς an attempted use by a finder of the card. In step 311 , if any such changes are needed, the changes can be installed directly on the card without the cardholder's intervention. As one example, a student's parking privileges may be revoked, and the student directly notified on the kiosk display, without disabling the entire smart card. In some situations, it may of course be desirable to confirm with the cardholder that an update is to be made before it occurs. In any event, updates made to the smaπ card 311 are preferably controlled from central server 101 such that the server maintains an inventory of the services and features which are available to the cardholder. Updates may be made by deleting a file on the card or setting a flag contained in a file on the card. Various variations are of course possible, and the invention is not intended to be limiting in this respect.
In step 310, if no card updates are pending, then in step 312 the application selected by Lhe user is executed. The selected application may comprise any of those shown in FIG. 4, or others as suitable for the particular kiosk. Also, after changes are installed on the card in step 311, the selected application is executed in step 312 (assuming that the particular application has not been disabled). After the cardholder finishes using any desired application, his card is ejected and the kiosk returns to an idle state in which the attract screen is displayed (step 301). The card may remain in the kiosk while the cardholder uses multiple applications. FIG. 4 illustrates some of the many applications which are contemplated as being provided on kiosk 100. General information applications 401 may be provided at kiosk 100 without the need to insert a card into card reader 107. General information applications include maps of a campus or company location, menus for a cafeteria or restaurant updated daily or weekly, schedules of various events such as sporting events and library hours, advertisements for various types of products or services, or club information. In various embodiments, the information needed to display the information depicted may be stored in computer memory 102 (which may include RAM, ROM, and/or disk) or CD- ROM unit 104 (see FIG. 1). Changes to the information provided by these applications may be made via automatic update functions 207 (see FIG. 2). Generally speaking, general information applications display information selected by a user from touch screen display 108. One of ordinary skill in the an will recognize how to construct such information displays using information stored within kiosk 100. In various embodiments, the information may be provided through a set of window functions such as are provided by the Microsoft Windows™ operating system. Additional functions may be provided to augment basic windowing functions provided by the operating system, and templates (see below) may be used to provide a limited set of "standard" display formats. Personal information applications 402 allow a cardholder to access personal information stored on a smaπ card or maintained in system server 101. It is generally contemplated that a cardholder needs to supply a PIN in order to access information such as the cardholder's name/address and other information, the status of various functions active on the card (such as displaying the meal plan currently active), grades, or the status of various financial accounts maintained in system server 101 or other computers.
FIG. 5 shows how personal information may be provided to a cardholder. Beginning in step 501, the user is prompted to enter his PIN which was previously assigned. In step 502, the user's PIN is verified, preferably using a PIN checking function on the card through the use of security functions 205 (see FIG. 2). Assuming that the PIN was correctly entered, in step 503 a determination is made as to whether the information is of a type stored on the smaπ card. If not, then in step 504 a request is made to server 101 to supply the requested information. If the information is stored on the card (such as a list of card functions and their status), then in step 505 the information is extracted from the smaπ card, preferably using card data access functions 203 (FIG. 2). In step 506, the information obtained either from the card or from server 101 is displayed to the user on display 108. It will be recognized that certain applications, such as the display of a student's grades, may be limited to a
"private" kiosk on a student's home PC rather than at a public kiosk where sensitive information might be inadveπently displayed for others to see.
Revalue card applications 403 provide a cardholder with the ability to add stored value to an inserted smart card using either an on-line bank debit transaction, an on-line credit card transaction, or inseπing cash. FIG. 6 shows a series of steps which may be carried out to revalue a stored value card at kiosk 100. Beginning in step 601, the user selects a payment type (i.e. , debit, credit, or cash). In step 602, if it is determined that a debit payment is to be conducted, then in step 603 the user is prompted for his personal bank PIN (not to be confused with PINs used to authenticate the user with respect to the stored value card itself), and in step 604 an on-line bank debit transaction is initiated from system server 101 and the user's private bank account through financial network 110. This step may include steps of extracting the user's bank account information from a magnetic stripe on the stored value card, combining it with the user's PIN (which may be provided in encrypted form via PIN pad 106 and extracted via PIN pad functions 206), and forwarding the request to system server 101 to initiate the bank transfer operation. Alternatively, the kiosk may be provided with a separate magnetic card reader which accepts the user's bank debit card to supply this information. Bank transfers may be carried out through any of various banking services, such as those provided by Gensar, a company which provides such services in certain regions of the country
If, in step 605 it is determined that credit payment is desired, then in step 606 a bank credit transaction is initiated, preferably using credit card account information obtained either from a magnetic stripe on the user's stored value card, or from a separate credit card inseπed by the user into a magnetic stripe reader (it will be appreciated that the same hybrid reader can be used for both card types). In either event, a credit transaction is initiated from system server 101 through financial network 110 or other bank-to-bank protocols to obtain a credit authorization.
Finally, if neither debit nor credit payment has been selected, in step 607 cash may be used to revalue the card. This step involves the user's inseπion of bills into a bill acceptor (not shown) to accept the money
In step 608, the value on the stored value card is updated to reflect the payment made by the user. In various embodiments, this transaction is conducted on-line with system server 101 using an anonymous account number which cannot be traced to the pamcular cardholder (see copending application serial number 08/ ). Finally, m step 609, a receipt is generated using printer 109 (see FIG. 1). Referring again to FIG. 4, card balance and transactions application 404 will be described. Upon inseπion of a stored value card, a cardholder may immediately view the card's balance on display 108. This feature preferably includes the step of using stored value functions 204 (see FIG. 2) to retrieve the card's balance while hiding details of the stored value function implementation on the pamcular card. Additionally, the cardholder may view the last 10 or so transactions stored on the card upon entry of a PIN which is verified locally with the stored value card, preferably through the use of security functions 205 (see FIG. 2). Merchant ordering applications 405 may include any of various types of applications which require payment by a user. For example, a user may order food such as pizzas, order goods from one or more catalogs the contents of which are accessible at kiosk 100, order books, or order items such as clothing from advertisements or other displayable images on kiosk 100.
In various embodiments, merchants may be provided with software services such as these shown in FIG. 2 in order to design applications which arc executed on kiosk 100. For example, as described in more detail below, a set of standard templates may be used to create pre-defined images for presenting options to the user, making item selections, and for accumulating order totals and the like. Providing a limited set of such standard templates enhances commonality among applications provided at the kiosk and simplifies the task of developing kiosk-based applications.
FIG. 7 shows how a generic merchant ordering application may be provided at kiosk 100. In step 701 , the user inserts his stored value card (or bank debit card, or credit card) into card reader 107. In step 702, a merchant menu display is provided under the control of kiosk server 202; the menu contains items defined by the particular merchant. For example, a pizza merchant might provide a display of different pizza sizes and toppings, while a catalog merchant might provide an opening display of a catalog page with options for paging through the catalog or performing a keyword search in the catalog. In step 703, the customer selects the particular product or service from the display. In step 704, if the customer's payment is to be from the stored value card itself, then in step 705 the value on the card is decremented according to the order total. In step 706, a record of the stored value transaction is stored in kiosk 100 in a memory area, and in step 707 the specific merchant's merchandise is authorized (for example, an order can be placed in vendor computer 114 from system server 101). Payment to the vendor may be effected during a settlement process as described more fully in copending application serial number 08/ .
On the other hand, if the customer chooses to use a debit transaction as payment (step 708), then in step 709 the customer is prompted to enter his bank PIN, and in step 710 an on-line bank debit operation is performed in a manner similar to that shown and described with reference to FIG. 6. After the debit transaction is successfully performed, in step 707 the merchant's order for goods or services is authorized, again preferably by communicating with vendor computer 114. It will be appreciated that many different vendor computers may be provided in communication with system server 101. If in step 711 it is determined that payment will be made using a credit transaction, then in step 712 an on-line credit transaction is performed using steps similar to those described with reference to FIG. 6. Finally, in step 707 the specific merchant's transaction is authorized.
Referring again to FIG. 4, a group of content delivery applications 406 may also be provided on kiosk 100. In general, these may comprise the sale of information using payment mechanisms shown in FIG. 7 with reference to merchant ordering applications. Content delivery applications may include ordering excerpts from various books (including the payment of applicable copyright royalty clearance fees) or performing on-line research using databases which require payment for searches.
Finally, on-demand printing applications 407 may be provided at kiosk 100. These services can include the formatting and content generation for resumes, papers (such as a thesis or book), or business cards. The payment mechanisms for these applications may be effected in the same manner as merchant ordering applications discussed above. However, for these applications the user may be required to provide substantially more infoπnation. For example, a draft copy of a resume in word processor format may be required. For resumes and business cards and the like, the user may be prompted to select from a variety of styles and print quantities. In effect, these services are analogous to an on-line print shop. However, they can be provided cheaply and effectively from a smart card kiosk either at a public location or at a private kiosk in a student's home computer.
FIGs. 8A and 8B show various pre-specified screen templates which may be used to create information displays at kiosk 100. Screen template 800, for example, may be used for displaying a simple image, while screen template 802 may be used for displaying a "rich text file" next to an image on the same screen. These predefined screen templates may be provided as part of operator interface 201 to allow various merchants and application developers to gain provide applications at kiosk 100.
In various embodiments, it may be desirable to use separate encryption decryption keys for accessing data stored on each smart card. For example, a first key may be used for performing card value/devalue operations; a second key may be used for a second application, a third key may be used for a third application, and so forth. In this manner, data accessed on each card can be maintained with a higher degree of security, in that the compromise of a single key affecting a single application would not necessarily compromise other applications on the card.
What has been described is a kiosk including a set of application level services which provides a convenient way of paying for and ordering various types of goods and services, and for obtaining information relevant to a particular kiosk location. The kiosk may automatically extract usage information from cards used in the kiosk and provide this information to a system server for statistical analysis. Additionally, code and data in the kiosk may be updated from the system server, and functions and data on each cardholder's smaπ card may be updated automatically without the user's intervention when the card is inseπed into a kiosk.
It is apparent that many modifications and variations of the present invention are possible, and references to specific values or product are by way of example only. The method steps of the invention may be practiced in a different ordered sequence from that illustrated without departing from the scope of the invention. It is, therefore, to be understood that within the scope of the appended claims the invention may be practiced otherwise than as specifically described.

Claims

1 A kiosk for use in a system employing a plurality of smart cards, comprising. a display device; a network interface for communicating with a server computer, a smart card reader for reading one of the plurahty of smart cards; and a computer and associated memory coupled to the display device, the smart card reader, and the network interface, the computer programmed to provide at least one application program coupled to a plurahty of application level services adapted to provide functions for application service providers, the application level services including a smart card data access function for retrieving data on a smart card inserted into the smart card reader; and an operator interface operable to provide window display functions on the display device in accordance with steps taken by the one application program
2 The kiosk according to claim 1 , wherein the application level services comprise a stored value debit function operable to decrement value stored on a smart card inserted into the smart card reader in accordance with steps taken by the application program.
3 The kiosk according to claim 1 , wherein the computer is further programmed to provide an automatic update function which, upon insertion of one of the smaπ cards, communicates with the server computer to determine whether any capabilities on the inseπed smaπ card should be updated and, in response thereto, updates capabilities on the one inseπed smaπ card.
4 The kiosk according to claim 3, wherein the update disables a capability previously enabled on the inseπed smaπ card.
5 The kiosk according to claim 3, wherein the update enables a capability not previously enabled on the mseπed smaπ card
6. The kiosk according to claim 1, wherein the computer is fuπher programmed to automatically retrieve a usage counter from a smaπ card inseπed into the card reader and transmit the usage counter to the server computer.
7. The kiosk according to claim 1, wherein the computer is fuπher programmed to display an "attract" screen in an idle mode and which, when performing an automatic update operation involving information transmitted from the computer server, disables use of the one application program.
8. The kiosk according to claim 1, wherein the one application program comprises a merchant ordering application which communicates with the computer server in order to provide a service offered by a merchant.
9. The kiosk according to claim 1, wherein the one application program comprises an on-demand printing application which accepts an order for a printing service provided by a merchant.
10. The kiosk according to claim 1, wherein the operator interface comprises a plurality of predefined display templates.
11. The kiosk according to claim 1, wherein the computer is fuπher programmed to carry out an on-line debit transaction with a user's bank account.
12. The kiosk according to claim 1 , wherein the application level services fuπher provide card-level independence from paπicular types of smaπ cards inseπed into the kiosk.
13. The kiosk according to claim 1, wherein the application level services comprise a group of security functions for performing security related operations with a smaπ card inserted into the kiosk.
14. An application programming interface adapted to provide functions for an application program executing on a smaπ card kiosk, comprising: an operator interface comprising window functions operable to manipulate display images and a plurality of templates for displaying preformed images; a plurality of card data access services operable to retrieve data from a smaπ card inseπed into the smaπ card kiosk; a plurality of stored value functions operable to increase and decrease value stored on a smaπ card inseπed into the smaπ card kiosk; a plurality of security functions operable to encrypt and decrypt data during communication with a smaπ card inseπed into the smart card kiosk; and a PIN pad function operable to retrieve a PIN entered at the kiosk.
15. The application programming interface according to claim 14, further comprising c general information application, coupled to the application programming interface, for providing general information on a display at the kiosk, wherein the general information is periodically updated via a server coupled to the kiosk.
16. The application programming interface according to claim 15, wherein the general information application displays a cafeteria menu.
17. The application programming interface according to claim 15, wherein the general information application displays maps.
18. The application programming interface according to claim 14, further comprising a merchant ordering application, coupled to the application programming interface, which uses the operator interface for displaying a merchant menu comprising one or more products, and uses one of the stored value functions to decrement value on a smart card inseπed into the kiosk prior to authorizing a transaction to provide the one or more products.
19. A kiosk comprising a computer, a display unit, a smaπ card reader, and a network interface, wherein the computer is programmed to provide a plurality of kiosk applications and a plurality of application-level services, wherein the application-level services comprises an operator interface for performing window functions on the display unit, a plurality of card data access functions for interfacing with a smart card inserted into the smart card reader, and an automatic update function for automatically updating, via the network interface, functions on a smart card inserted into the card reader, and wherein the plurality of kiosk applications comprises a general information application for providing information received via the network interface on the display unit without inserting a smart card into the smart card reader, and a merchant ordering application for effecting payment for one or more products from a menu displayed on the display unit upon insertion of a smart card into the smaπ card reader.
20. The kiosk according to claim 19, fuπher comprising a content delivery application for effecting payment for information specified by a user upon inseπion of a smaπ card into the smaπ card reader.
21. The kiosk according to claim 19, further comprising an on-demand printing application for effecting payment for a printing job specified by a user upon inseπion of a smaπ card into the smaπ card reader.
PCT/US1996/014658 1995-09-14 1996-09-12 Programming interface for a smart card kiosk WO1997010562A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU70197/96A AU7019796A (en) 1995-09-14 1996-09-12 Programming interface for a smart card kiosk

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US52830495A 1995-09-14 1995-09-14
US08/528,304 1995-09-14

Publications (1)

Publication Number Publication Date
WO1997010562A1 true WO1997010562A1 (en) 1997-03-20

Family

ID=24105113

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1996/014658 WO1997010562A1 (en) 1995-09-14 1996-09-12 Programming interface for a smart card kiosk

Country Status (2)

Country Link
AU (1) AU7019796A (en)
WO (1) WO1997010562A1 (en)

Cited By (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999030255A1 (en) * 1997-12-12 1999-06-17 Missouri Botanical Garden Site-specific interest profiling system
WO1999049431A3 (en) * 1998-03-24 1999-11-25 Korala Associates Limited Apparatus and method for providing transaction services
EP1003139A2 (en) * 1997-04-30 2000-05-24 Visa International Service Association An internet payment and loading system using a smart card
WO2000031691A1 (en) * 1998-11-23 2000-06-02 Swisscom Mobile Ag Method and device for detecting, charging for and blocking services
WO2001008110A1 (en) * 1999-07-23 2001-02-01 Cubic Corporation Method and apparatus for establishing a secure smart card communication link through a communication network
WO2001008112A1 (en) * 1999-07-22 2001-02-01 Jones Michael Rowles Public access computer terminal apparatus
SG80640A1 (en) * 1998-08-26 2001-05-22 Ibm Expanded smart card communication architecture and procedure for communicating between smart card application and data carrier
EP1102222A2 (en) * 1999-11-16 2001-05-23 Citicorp Development Center, Inc. Method, system, and apparatus for providing secure interactive services through an unattended modular kiosk
WO2001086580A1 (en) * 2000-05-09 2001-11-15 Wincor Nixdorf International Gmbh Operation of a security module in a card reader
FR2820525A1 (en) * 2001-02-05 2002-08-09 Schlumberger Systems & Service METHOD FOR TRANSFERRING DATA BETWEEN SERVICE TERMINALS AND TRANSACTIONAL MEANS
EP1241640A2 (en) * 1998-04-10 2002-09-18 Minnesota Mining And Manufacturing Company A method of preparing configuration data for multiple self-service library terminals
NL1025408C2 (en) * 2004-02-05 2005-08-08 Gouden Vermeer B V Installation is for topping up mobile telephone balance and comprises frame carrying operating panel provided with choice keys and input for payment cards
WO2006061754A1 (en) 2004-12-07 2006-06-15 Philips Intellectual Property & Standards Gmbh System and method for application management on multi-application smart cards
US7641113B1 (en) 2003-10-17 2010-01-05 Nexxo Financial, Inc. Systems and methods for generating revenue from banking transactions using a stored-value card
US7653602B2 (en) 2003-11-06 2010-01-26 Visa U.S.A. Inc. Centralized electronic commerce card transactions
US7725369B2 (en) 2003-05-02 2010-05-25 Visa U.S.A. Inc. Method and server for management of electronic receipts
US7857216B2 (en) 2003-09-12 2010-12-28 Visa U.S.A. Inc. Method and system for providing interactive cardholder rewards image replacement
US7908216B1 (en) 1999-07-22 2011-03-15 Visa International Service Association Internet payment, authentication and loading system using virtual smart card
US8005763B2 (en) 2003-09-30 2011-08-23 Visa U.S.A. Inc. Method and system for providing a distributed adaptive rules based dynamic pricing system
US8010405B1 (en) 2002-07-26 2011-08-30 Visa Usa Inc. Multi-application smart card device software solution for smart cardholder reward selection and redemption
US8015060B2 (en) 2002-09-13 2011-09-06 Visa Usa, Inc. Method and system for managing limited use coupon and coupon prioritization
US8407083B2 (en) 2003-09-30 2013-03-26 Visa U.S.A., Inc. Method and system for managing reward reversal after posting
US8429048B2 (en) 2009-12-28 2013-04-23 Visa International Service Association System and method for processing payment transaction receipts
US8554610B1 (en) 2003-08-29 2013-10-08 Visa U.S.A. Inc. Method and system for providing reward status
US20130282501A1 (en) * 2012-04-18 2013-10-24 Square, Inc. Point-of-sale system
US8626577B2 (en) 2002-09-13 2014-01-07 Visa U.S.A Network centric loyalty system
US8793187B2 (en) 2003-10-17 2014-07-29 Nexxo Financial Corporation Self-service money remittance with an access card
US9083486B2 (en) 2011-09-26 2015-07-14 Cubic Corporation Personal point of sale
US9118802B2 (en) 2012-05-31 2015-08-25 Cubic Corporation Video ticket office
US9378490B2 (en) 1998-07-07 2016-06-28 Citicorp Credit Services, Inc. (Usa) System and method for image depositing, image presentment and deposit taking in a commercial environment
US9473295B2 (en) 2011-09-26 2016-10-18 Cubic Corporation Virtual transportation point of sale
US9852437B2 (en) 2002-09-13 2017-12-26 Visa U.S.A. Inc. Opt-in/opt-out in loyalty system
US10019704B2 (en) 2011-09-26 2018-07-10 Cubic Corporation Personal point of sale
US11132691B2 (en) 2009-12-16 2021-09-28 Visa International Service Association Merchant alerts incorporating receipt data

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4683372A (en) * 1984-02-23 1987-07-28 Omron Tateisi Electronics Co. IC card system
US4928001A (en) * 1987-03-20 1990-05-22 Mitsubishi Denki Kabushiki Kaisha Secret information preserving system for a multiple issuer IC card
US5036461A (en) * 1990-05-16 1991-07-30 Elliott John C Two-way authentication system between user's smart card and issuer-specific plug-in application modules in multi-issued transaction device
US5212369A (en) * 1990-01-25 1993-05-18 Gemplus Card International Method of loading applications programs into a memory card reader having a microprocessor, and a system for implementing the method
US5473690A (en) * 1991-01-18 1995-12-05 Gemplus Card International Secured method for loading a plurality of applications into a microprocessor memory card
US5530232A (en) * 1993-12-22 1996-06-25 Datamark Services, Inc. Multi-application data card
US5542669A (en) * 1994-09-23 1996-08-06 Universal Distributing Of Nevada, Inc. Method and apparatus for randomly increasing the payback in a video gaming apparatus
US5566327A (en) * 1994-07-08 1996-10-15 Sehr; Richard P. Computerized theme park information management system utilizing partitioned smart cards and biometric verification

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4683372A (en) * 1984-02-23 1987-07-28 Omron Tateisi Electronics Co. IC card system
US4928001A (en) * 1987-03-20 1990-05-22 Mitsubishi Denki Kabushiki Kaisha Secret information preserving system for a multiple issuer IC card
US5212369A (en) * 1990-01-25 1993-05-18 Gemplus Card International Method of loading applications programs into a memory card reader having a microprocessor, and a system for implementing the method
US5036461A (en) * 1990-05-16 1991-07-30 Elliott John C Two-way authentication system between user's smart card and issuer-specific plug-in application modules in multi-issued transaction device
US5473690A (en) * 1991-01-18 1995-12-05 Gemplus Card International Secured method for loading a plurality of applications into a microprocessor memory card
US5530232A (en) * 1993-12-22 1996-06-25 Datamark Services, Inc. Multi-application data card
US5566327A (en) * 1994-07-08 1996-10-15 Sehr; Richard P. Computerized theme park information management system utilizing partitioned smart cards and biometric verification
US5542669A (en) * 1994-09-23 1996-08-06 Universal Distributing Of Nevada, Inc. Method and apparatus for randomly increasing the payback in a video gaming apparatus

Cited By (65)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1003139A2 (en) * 1997-04-30 2000-05-24 Visa International Service Association An internet payment and loading system using a smart card
EP1003139A3 (en) * 1997-04-30 2001-10-17 Visa International Service Association An internet payment and loading system using a smart card
WO1999030255A1 (en) * 1997-12-12 1999-06-17 Missouri Botanical Garden Site-specific interest profiling system
US6516357B1 (en) 1998-02-08 2003-02-04 International Business Machines Corporation System for accessing virtual smart cards for smart card application and data carrier
WO1999049431A3 (en) * 1998-03-24 1999-11-25 Korala Associates Limited Apparatus and method for providing transaction services
US7747527B1 (en) 1998-03-24 2010-06-29 Korala Associates Limited Apparatus and method for providing transaction services
EP1241640A2 (en) * 1998-04-10 2002-09-18 Minnesota Mining And Manufacturing Company A method of preparing configuration data for multiple self-service library terminals
US9378490B2 (en) 1998-07-07 2016-06-28 Citicorp Credit Services, Inc. (Usa) System and method for image depositing, image presentment and deposit taking in a commercial environment
SG80640A1 (en) * 1998-08-26 2001-05-22 Ibm Expanded smart card communication architecture and procedure for communicating between smart card application and data carrier
WO2000031691A1 (en) * 1998-11-23 2000-06-02 Swisscom Mobile Ag Method and device for detecting, charging for and blocking services
WO2001008112A1 (en) * 1999-07-22 2001-02-01 Jones Michael Rowles Public access computer terminal apparatus
US7908216B1 (en) 1999-07-22 2011-03-15 Visa International Service Association Internet payment, authentication and loading system using virtual smart card
US8533116B2 (en) 1999-07-22 2013-09-10 Visa International Service Association Internet payment, authentication and loading system using virtual smart card
WO2001008110A1 (en) * 1999-07-23 2001-02-01 Cubic Corporation Method and apparatus for establishing a secure smart card communication link through a communication network
US7437560B1 (en) 1999-07-23 2008-10-14 Cubic Corporation Method and apparatus for establishing a secure smart card communication link through a communication network
EP1102222A3 (en) * 1999-11-16 2001-06-13 Citicorp Development Center, Inc. Method, system, and apparatus for providing secure interactive services through an unattended modular kiosk
EP1102222A2 (en) * 1999-11-16 2001-05-23 Citicorp Development Center, Inc. Method, system, and apparatus for providing secure interactive services through an unattended modular kiosk
WO2001086580A1 (en) * 2000-05-09 2001-11-15 Wincor Nixdorf International Gmbh Operation of a security module in a card reader
US7373518B2 (en) 2000-05-09 2008-05-13 Wincor Nixdorf International Gmbh Operation of a security module in a card reader
WO2002063575A3 (en) * 2001-02-05 2002-11-07 Schlumberger Systems & Service Method for transferring data between service terminals and transactional means
WO2002063575A2 (en) * 2001-02-05 2002-08-15 Schlumberger Systemes Method for transferring data between service terminals and transactional means
FR2820525A1 (en) * 2001-02-05 2002-08-09 Schlumberger Systems & Service METHOD FOR TRANSFERRING DATA BETWEEN SERVICE TERMINALS AND TRANSACTIONAL MEANS
US8010405B1 (en) 2002-07-26 2011-08-30 Visa Usa Inc. Multi-application smart card device software solution for smart cardholder reward selection and redemption
US10460338B2 (en) 2002-09-13 2019-10-29 Visa U.S.A. Inc. Network centric loyalty system
US8626577B2 (en) 2002-09-13 2014-01-07 Visa U.S.A Network centric loyalty system
US9852437B2 (en) 2002-09-13 2017-12-26 Visa U.S.A. Inc. Opt-in/opt-out in loyalty system
US8239261B2 (en) 2002-09-13 2012-08-07 Liane Redford Method and system for managing limited use coupon and coupon prioritization
US8015060B2 (en) 2002-09-13 2011-09-06 Visa Usa, Inc. Method and system for managing limited use coupon and coupon prioritization
US7725369B2 (en) 2003-05-02 2010-05-25 Visa U.S.A. Inc. Method and server for management of electronic receipts
US7987120B2 (en) 2003-05-02 2011-07-26 Visa U.S.A. Inc. Method and portable device for management of electronic receipts
US7827077B2 (en) 2003-05-02 2010-11-02 Visa U.S.A. Inc. Method and apparatus for management of electronic receipts on portable devices
US8386343B2 (en) 2003-05-02 2013-02-26 Visa U.S.A. Inc. Method and user device for management of electronic receipts
US9087426B2 (en) 2003-05-02 2015-07-21 Visa U.S.A. Inc. Method and administration system for management of electronic receipts
US8793156B2 (en) 2003-08-29 2014-07-29 Visa U.S.A. Inc. Method and system for providing reward status
US8554610B1 (en) 2003-08-29 2013-10-08 Visa U.S.A. Inc. Method and system for providing reward status
US7857215B2 (en) 2003-09-12 2010-12-28 Visa U.S.A. Inc. Method and system including phone with rewards image
US7857216B2 (en) 2003-09-12 2010-12-28 Visa U.S.A. Inc. Method and system for providing interactive cardholder rewards image replacement
US8005763B2 (en) 2003-09-30 2011-08-23 Visa U.S.A. Inc. Method and system for providing a distributed adaptive rules based dynamic pricing system
US8244648B2 (en) 2003-09-30 2012-08-14 Visa U.S.A. Inc. Method and system for providing a distributed adaptive rules based dynamic pricing system
US8407083B2 (en) 2003-09-30 2013-03-26 Visa U.S.A., Inc. Method and system for managing reward reversal after posting
US9141967B2 (en) 2003-09-30 2015-09-22 Visa U.S.A. Inc. Method and system for managing reward reversal after posting
US8204829B2 (en) 2003-10-17 2012-06-19 Nexxo Financial Corporation Systems and methods for money sharing
US7641113B1 (en) 2003-10-17 2010-01-05 Nexxo Financial, Inc. Systems and methods for generating revenue from banking transactions using a stored-value card
US8793187B2 (en) 2003-10-17 2014-07-29 Nexxo Financial Corporation Self-service money remittance with an access card
US7735125B1 (en) 2003-10-17 2010-06-08 Nexxo Financial, Inc. Systems and methods for identifying and verifying a user of a kiosk using an external verification system
US7653602B2 (en) 2003-11-06 2010-01-26 Visa U.S.A. Inc. Centralized electronic commerce card transactions
US9710811B2 (en) 2003-11-06 2017-07-18 Visa U.S.A. Inc. Centralized electronic commerce card transactions
NL1025408C2 (en) * 2004-02-05 2005-08-08 Gouden Vermeer B V Installation is for topping up mobile telephone balance and comprises frame carrying operating panel provided with choice keys and input for payment cards
WO2006061754A1 (en) 2004-12-07 2006-06-15 Philips Intellectual Property & Standards Gmbh System and method for application management on multi-application smart cards
US11132691B2 (en) 2009-12-16 2021-09-28 Visa International Service Association Merchant alerts incorporating receipt data
US8650124B2 (en) 2009-12-28 2014-02-11 Visa International Service Association System and method for processing payment transaction receipts
US8429048B2 (en) 2009-12-28 2013-04-23 Visa International Service Association System and method for processing payment transaction receipts
US9083486B2 (en) 2011-09-26 2015-07-14 Cubic Corporation Personal point of sale
US10019704B2 (en) 2011-09-26 2018-07-10 Cubic Corporation Personal point of sale
US9312923B2 (en) 2011-09-26 2016-04-12 Cubic Corporation Personal point of sale
US9473295B2 (en) 2011-09-26 2016-10-18 Cubic Corporation Virtual transportation point of sale
US9589428B2 (en) 2012-04-18 2017-03-07 Square, Inc. Point-of-sale system
US20130282501A1 (en) * 2012-04-18 2013-10-24 Square, Inc. Point-of-sale system
US9424721B2 (en) 2012-04-18 2016-08-23 Square, Inc. Point-of-sale system
US9881290B2 (en) 2012-04-18 2018-01-30 Square, Inc. Point-of-sale system
US9916570B2 (en) 2012-04-18 2018-03-13 Square, Inc. Point-of-sale system
US9257018B2 (en) * 2012-04-18 2016-02-09 Square, Inc. Point-of-sale system
US10089615B2 (en) 2012-04-18 2018-10-02 Square, Inc. Point-of-sale system
US9058727B2 (en) 2012-04-18 2015-06-16 Square, Inc. Cash drawer
US9118802B2 (en) 2012-05-31 2015-08-25 Cubic Corporation Video ticket office

Also Published As

Publication number Publication date
AU7019796A (en) 1997-04-01

Similar Documents

Publication Publication Date Title
WO1997010562A1 (en) Programming interface for a smart card kiosk
US9679278B2 (en) Automated banking machine that operates responsive to data bearing records
US7606767B1 (en) Cash dispensing automated banking machine system and communication method
US8132717B2 (en) Automated banking machine that operates responsive to data bearing records
US5692132A (en) System and method for conducting cashless transactions on a computer network
US7980462B1 (en) Automated transaction machine with card reader that can read unique magnetic characteristic of a magnetic stripe
US7725393B2 (en) Application service provider and automated transaction machine system and method
US8042733B2 (en) Automated banking machine that operates responsive to data bearing records
US7716096B2 (en) Application service provider and automated transaction machine system and method
US7603315B2 (en) Self-service terminal
WO1996041286A9 (en) System and method for conducting cashless transactions on a computer network
US7025255B1 (en) Application service provider and automated transaction machine system and method
US20020055908A1 (en) Electronic vault for use in processing smart product transactions
WO1999009508A1 (en) Remote electronic retailing
WO1995012856A1 (en) A hotel management system
AU8721698A (en) Remote electronic retailing

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE HU IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK TJ TM TR TT UA UG UZ VN AM AZ BY KG KZ MD RU TJ TM

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): KE LS MW SD SZ UG AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: CA