WO1999008239A1 - Apparatus and method for ensuring security during entry of credit account information at a public terminal - Google Patents

Apparatus and method for ensuring security during entry of credit account information at a public terminal Download PDF

Info

Publication number
WO1999008239A1
WO1999008239A1 PCT/US1998/016225 US9816225W WO9908239A1 WO 1999008239 A1 WO1999008239 A1 WO 1999008239A1 US 9816225 W US9816225 W US 9816225W WO 9908239 A1 WO9908239 A1 WO 9908239A1
Authority
WO
WIPO (PCT)
Prior art keywords
credit account
pin
potential user
instructions
account number
Prior art date
Application number
PCT/US1998/016225
Other languages
French (fr)
Inventor
Alan Edward Kaplan
Original Assignee
At & T Corp.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by At & T Corp. filed Critical At & T Corp.
Publication of WO1999008239A1 publication Critical patent/WO1999008239A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data

Definitions

  • PIN Personal Identification Number
  • This PIN associated with any credit account is usually chosen and memorized by the user of the credit account, and the user is authorized for access to the credit account upon verification of the PIN.
  • Patent No. 5,367,572 to Weiss discloses a hand-held device carried by the user that generates a unique, time- varying, nonpredictable code. This code is used to generate a different pseudo-random PIN to be entered at every instance of entry at a public terminal.
  • U.S. Patent No. 5,265,162 to Bush et al. discloses an enhanced credit card having added circuitry within the card for generating a similar "computer generated" time- varying pseudo-random number to be entered and transmitted to the credit account access system.
  • PCT Publication No. WO 97/11443 discloses the use of a portable terminal device which encodes the PIN to generate a time-varying pseudo-random number to be entered and transmitted to the credit account access system.
  • U.S. Patent No. 5,239,583 to Parrillo discloses a credit account access system that may provide security during credit account information entry at a public terminal and that does not require an additional device. This system requires the user to keep track of a sequence of PIN numbers
  • SUBSim ⁇ E SHEET (RD1E26) to be entered at each of a corresponding transaction in a sequence of transactions.
  • U.S. Patent No. 5,239,583 recommends that only one digit of the typical 4-digit PIN vary for each transaction and that the user cycle through a small finite number of such varying PINs.
  • a credit account access system that ensures security against unwanted observation of account information during account information entry at a public terminal with the user entering a different time-varying pseudo-random number for each transaction without the requirement of an additional device is desired.
  • a primary object of the present invention is to provide a credit account access system that ensures security against unwanted access to a credit account by a thief observing credit account information being entered by a legitimate user at a public terminal. More specifically, the present invention instructs the user to enter in a pseudo-random sequence of segments of the credit account number and of the PIN and does not require the user to carry around an extraneous device.
  • an instruction synthesizer generates instructions to a potential user at the public terminal to enter in a sequence of segments of a credit account number and of a PIN.
  • S ⁇ BS ⁇ mm SHEET (RULE 26) This sequence is determined by a pseudo-randomly selected scrambling code. The instructions are readily perceived only by the potential user.
  • a decoder generates a decoded credit account number and a decoded PIN by decoding the sequence of numbers entered by the potential user.
  • a control switch allows access to the credit account for the potential user if the decoded credit account number is substantially equal to the actual credit account number and if the decoded PIN is substantially equal to the actual PIN.
  • the present invention can be used to particular advantage when the public terminal includes a headphone from which only the potential user can hear the instructions or a screen from which only the potential user can observe the displayed instructions.
  • the present invention can be used to particular advantage when the public terminal is a telephone having a handset with a receiver portion from which only the potential user can hear the instructions.
  • the potential user can be given the option of entering credit account information using the enhanced security apparatus and method of the present invention.
  • the potential user can forgo entering in the sequence of numbers according to a pseudo-randomly selected scrambling code.
  • the potential user may be given a predetermined number of chances to enter in the correct credit account number and PIN in accordance with the randomly selected scrambling code. If the potential user is not successful after the predetermined number of attempts, then the potential user is notified of a
  • Fig. 1 shows a telephone system that incorporates a calling credit account access system according to the preferred embodiment of the present invention
  • Fig. 2 shows components of the calling credit account access system of Fig. 1 according to the preferred embodiment of the present invention
  • Fig. 3 shows a flowchart of the operation of the calling credit account access system of Fig. 2;
  • Fig. 4 shows an example credit account card with its corresponding PIN
  • Fig. 5 shows example instructions to the user to enter in a sequence of segments of the credit account number and the PIN of Fig. 4;
  • Fig. 6 illustrates the corresponding decoding code for generating a decoded credit account number and a decoded PIN number from the sequence of numbers entered as in Fig. 5.
  • the preferred embodiment of the present invention will be described with respect to a telephone calling credit account.
  • Calling cards are commonly used at public telephones, and the user of the telephone credit account needs to be secure against unwanted observation of credit account information by a thief while the user enters in such information at the public telephone.
  • the present invention can be used for any credit account where the user enters in credit account information at a public terminal.
  • a public telephone network 100 includes a public telephone 102 having a handset 104 with a receiver portion 106 and a transmitter portion 107.
  • the user enters a series of numbers that indicates for a call on credit. For example, many calling card services require the user to dial a "0" before the ten digit phone number of the called party in order to charge the call to the calling card credit account.
  • a local office 108 for the public telephone 102 and a toll office 110 of the telephone network 112 recognize that the user wishes to make a call on credit.
  • a Traffic Service Position System (TSPS) unit 114 allows access to the calling credit account and allows the call to go through for the user only if the user can enter in a correct credit account number and PIN corresponding to that calling credit account.
  • the preferred embodiment of the present invention is implemented predominantly within the TSPS unit 114.
  • the TSPS unit 200 includes a central processing unit (CPU) 202 coupled to a random number generator 204, a database 206, and a memory 210 which is coupled to a touch tone decoder 211.
  • the CPU further includes an instruction synthesizer 212 coupled to the random number generator, the database, and the public terminal 102 of Fig. 1.
  • the CPU also includes a descrambling decoder 214, coupled to the database and the memory, and includes a switch control 216 coupled to the descrambling decoder, the database, and the toll office 110 of Fig. 1.
  • a descrambling decoder 214 coupled to the database and the memory
  • a switch control 216 coupled to the descrambling decoder, the database, and the toll office 110 of Fig. 1.
  • the potential user is then given the option of entering in credit account information using the enhanced security mode of the present invention, at step 304.
  • This feature of the present invention allows the potential user to enter in credit account information in the usual straight forward manner if the user feels that the current environment is relatively safe. In that case, the user is instructed to enter in the calling credit account number and the PIN, at step 306.
  • step 308 If the entered credit account number and entered PIN are substantially equal to an actual credit account number and a corresponding actual PIN stored in database 206 (step 308), then the potential user is allowed access to the calling credit account, and the call is allowed to go through, at step 310. Otherwise, the potential user is denied access to the calling credit account, and the call cannot go through with the potential user being informed of the failure to access the credit account, at step 312.
  • the potential user may be given a predetermined number of chances to enter in the correct credit account number and PIN at step 313 which goes back to step 306 if the potential user has not exceeded the predetermined number of attempts. All of these steps for the case the user does not wish to use the enhanced security mode can be carried out using the common calling credit account access systems of the prior art.
  • the random number generator 204 of Fig. 2 generates a random number.
  • the instruction synthesizer 212 uses this random number to randomly select a scrambling code from the database 206 that has a
  • the scrambling code for any credit transaction may be cycled through a large list of scrambling codes. For example, if a list of 5,000 scrambling codes is used, then a thief observing entry of credit account information according to a cycling through of such a list would perceive a random entry of numbers from one credit transaction to another in a finite reasonably observable number of credit transactions at a public terminal. Accordingly, the thief would not be able to easily decipher the actual credit account number and PIN with a cycling through of a large list of scrambling codes.
  • the user may be instructed by an number of well known means in any predetermined or preselected languages as is well known in the art, for example, by prerecorded announcement of each instruction, by speech synthesis of each instruction, or by display of each instruction.
  • the instruction synthesizer 212 generates the instructions according to these known means in the art.
  • the user may be prompted to choose the language of instruction such as, for example, English, Spanish, or Japanese.
  • caller ID in an alternative embodiment for recognizing whether the secure mode for account information entry should be used, can be used with a database that keeps track of which calling number is associated with a public terminal. If the calling number determined by a caller ID corresponds to a phone at a public terminal, then the credit account access system of the present invention may automatically use the secure mode of requiring entry of credit account information according to a scrambling code of the present invention.
  • the instructions provided to the potential user are readily perceived only by the potential user, and the instructions pseudo- randomly vary for each credit transaction. In this manner, a thief cannot figure out the credit account number and PIN of the user by observing the potential user enter in credit account information at a public terminal.
  • the potential user is instructed via the receiver portion 106 of the telephone handset 104 such that the instructions are readily audible only to the potential user.
  • any public credit account access system such as a cash dispensing station can use a headphone with speakers such that the instructions are readily audible only to the potential user.
  • a public credit account access system may use a screen which displays instructions that are readily observable only by the potential user.
  • An example set of instructions for a credit transaction is described with the example credit account number and PIN of Fig. 4.
  • a user carries a credit account card 402, and memorizes a PIN corresponding to this credit account card.
  • the credit account number is "5421 5567 8891 7766”
  • the corresponding PIN is "3456”.
  • each digit of the credit account number is indexed with its number position "1 2 3 4 5 .... 16" for ease of position reference of each digit of the credit account number.
  • an example set of instructions begins with a first instruction 502 which asks the potential user to enter in the thirteenth through sixteenth digits of the credit account number. If the potential user is using the credit account number of Fig. 4, "7766" is entered. Then, a second instruction 504 asks the potential user to enter in the second and third digits of the PIN. For the PIN of Fig. 4, "45" is entered. Then, a third instruction 502 which asks the potential user to enter in the thirteenth through sixteenth digits of the credit account number. If the potential user is using the credit account number of Fig. 4, "7766" is entered. Then, a second instruction 504 asks the potential user to enter in the second and third digits of the PIN. For the PIN of Fig. 4, "45" is entered. Then, a third
  • SUgSTTTdTE SHEET (RULE 26 instruction 506 asks the potential user to enter in the fifth through eighth digits of the credit account number. For the credit account number of Fig. 4, "5567” is entered. Then, a fourth instruction 508 asks for the first digit of the PIN, and for the PIN of Fig. 4, "3" is entered. Then, a fifth instruction 510 asks for the first though the fourth digits of the credit account number, and "5421" is entered. Then, a sixth instruction 512 asks for the fourth digit of the PIN, and "6" is entered. Finally, a seventh instruction 514 asks for the ninth through the twelfth digits of the credit account number, and "8891 " is entered.
  • the sequence of these numbers can be decoded to determine a decoded credit account number and a decoded PIN, at step 318.
  • the potential user may enter in the numbers from a public terminal via the keypad of a touch tone phone.
  • the touch tone decoder 211 decodes the touch tone signals from the public terminal into a digit format and stores the entered digits into memory 210.
  • the descrambling decoder 214 decodes the sequence of these digits stored in memory 210 to determine a decoded credit account number and a decoded PIN.
  • buttons on the telephone keypad can be an erase button.
  • the "*" button can be used by the potential user to erase the last entered digit in case of mistaken entry.
  • the user may speak the sequence of digits.
  • the present invention includes a speech recognition unit in place of the touch tone decoder 211 in Fig. 2.
  • the database 206 in Fig. 2 would include a corresponding counterpart decoding code for each scrambling code.
  • the decoder 214 obtains this decoding code from the database and performs the decoding steps. For the scrambling code of Fig. 5, Fig. 6 illustrates the corresponding
  • First line 601 includes the segments of numbers entered by the potential user as illustrated in Fig. 5. This line includes a first segment 602 resulting from the first instruction 502, a second segment 604 resulting from the second instruction 504, a third segment 606 resulting from the third instruction 506, a fourth segment 608 resulting from the fourth instruction 508, a fifth segment 610 resulting from the fifth instruction 510, a sixth segment 612 resulting from the sixth instruction 512, and a seventh segment 614 resulting from the seventh instruction 514.
  • the corresponding decoding code for determining the decoded credit account number is to take the number of the fifth segment 610, then of the third segment 606, then of the seventh segment 614, and finally of the first segment 602.
  • second line 616 shows the decoded credit account number.
  • the corresponding decoding code for deteimining the decoded PIN is to take the number of the fourth segment 608, then of the second segment 604, and finally of the sixth segment 612.
  • third line 618 shows the decoded PIN.
  • the decoded credit account number and the decoded PIN are compared to an actual credit account number and actual PIN respectively by the switch control 216 at step 320 of Fig. 3.
  • the switch control compares the decoded account number and the decoded PIN to the actual account numbers and actual PINs stored in database 206 of Fig. 2. If an actual credit account number and an actual PIN can be found in the database whereby the decoded credit account number is substantially equal to the actual credit account number and the decoded PIN is substantially equal to the actual PIN, then the potential user is allowed access to the credit account, at step 322 of Fig. 3. Otherwise, the potential
  • S ⁇ 8S ⁇ sSHEET r ⁇ L user is denied access to the credit account and is notified of failure to access the credit account in step 324.
  • the potential user may be given another chance to access the credit account by returning to step 314.
  • the potential user may be given a predetermined number of chances at step 326 for accessing the credit account before the potential user is terminated from the credit account access system. If the user fails to access the credit account after the predetermined number of attempts, then the calling credit account access system would tell the potential user "You are denied access to the calling credit account," and the system would hang up on the potential user.
  • the credit account number and corresponding PIN are scrambled such that a thief observing the entry of such a scrambled sequence of numbers cannot readily know either the actual credit account number or the corresponding actual PIN.
  • the sequence of segments of credit account number and PIN entered by a potential user at the public terminal is time-varying and
  • the present invention secures against unwanted observation of the credit account number and the PIN without the use of an added device.
  • a scrambling code may ask the user to enter extraneous digits in between any of the segments of the credit account number and PIN. For example, referring to the set of instructions of Fig. 5, the user may be instructed to enter in the digits "7" and “8” in between the first instruction 502 and the second instruction 504. The corresponding decoding code would then ignore the extraneous digits "7” and “8” in between the numbers "7766" and "45” when determining the decoded credit account number and the decode PIN.
  • Instructing the user to enter in such extraneous digits further secures against pilfering of a credit account number and the corresponding PIN during entry of such information at a public terminal. For example, if the thief were able to observe one credit transaction at a public terminal and to acquire the credit account number, then the thief may be able to know which digits that were entered during the observed transaction are part of the PIN. With the PINs typically being four digits, the thief may be able to try all of the at most 4! or 24 combinations of the left over four digits to
  • the thief may attempt to enter in the digits apart from the digits of the credit account number in the observed sequence in order to decipher the PIN.
  • the thief is likely to enter in grossly erroneous digits during instructions for entering in segments of the PIN.
  • the extraneous digits can be changed after a first transaction attempt where grossly erroneous digits are entered after instructions for entering in segments of the PIN.
  • the set of instructions of Fig. 5 is illustrative and numerous sequences of instructions for entering in any segments of the credit account number and PIN in any order are possible.
  • the present invention can be used to secure against unwanted observation of credit account number and PIN during entry at a public terminal for any credit accounts in addition to credit accounts for telephone calling cards.

Abstract

A credit account access system for ensuring security against pilfering of credit information including credit account number and the corresponding PIN during entry of such information by a user at a public terminal. The credit account access system of the present invention generates a pseudo-randomly selected scrambling code for each credit transaction at a public terminal. This pseudo-randomly selected scrambling code determines the instructions to the user at the public terminal to enter in a sequence of segments of the credit account number and the corresponding PIN. Such instructions are readily received only by the user at the public terminal. With such a credit account access system, the thief observing a user at a public terminal sees the user entering a different sequence of numbers for each credit transaction. The sequence of numbers contains scrambled segments of the credit account number and the PIN that an observing thief cannot readily decode to determine the actual credit account number and the corresponding actual PIN. In addition, because the user is instructed to scramble the credit account information and the corresponding PIN via the public terminal, the user does not carry around an added device for the added security.

Description

APPARATUS AND METHOD FOR ENSURING SECURITY
DURING ENTRY OF CREDIT ACCOUNT INFORMATION AT A PUBLIC
TERMINAL
Technical Field
This invention relates to credit account access systems, and more particularly, to a credit account access system that ensures security against unwanted observation of credit account information while the user enters credit account information from a public terminal to access the user=s credit account.
Background of the Invention
With the prevalent use of credit accounts of various types, such as for telephone call charges and merchandise purchases for example, fraudulent use of such accounts is now a well-recognized problem. The cost of such fraudulent use of credit accounts is estimated to be hundreds of millions of dollars per year.
To minimize instances of fraudulent use of credit accounts, a PIN
(Personal Identification Number) is usually assigned to each account. This PIN associated with any credit account is usually chosen and memorized by the user of the credit account, and the user is authorized for access to the credit account upon verification of the PIN.
However, even the use of a PIN in many instances is not a sufficient deterrent for theft in illegal use of credit accounts. For example, when the user of a credit card account enters the credit account number and the PIN at a public terminal, a thief, by looking over the user=s shoulders or by using binoculars, can memorize or record this information. Then the thief can have unauthorized access to the credit account of the unsuspecting user.
Prior art credit account systems attempt to prevent such unauthorized pilfering of credit account information. For example, U.S.
SUBS IΪ SHEET RULE 26 Patent No. 5,367,572 to Weiss discloses a hand-held device carried by the user that generates a unique, time- varying, nonpredictable code. This code is used to generate a different pseudo-random PIN to be entered at every instance of entry at a public terminal. Similarly, U.S. Patent No. 5,265,162 to Bush et al. discloses an enhanced credit card having added circuitry within the card for generating a similar "computer generated" time- varying pseudo-random number to be entered and transmitted to the credit account access system. In like manner, PCT Publication No. WO 97/11443 discloses the use of a portable terminal device which encodes the PIN to generate a time-varying pseudo-random number to be entered and transmitted to the credit account access system.
Although, such security measures provided by these prior art systems can prevent unauthorized pilfering of account information during entry of such information by a user at a public terminal, these prior art systems require an extra device or an enhanced credit card for generating the time-varying pseudo-random numbers. Such devices require additional cost for manufacture. Moreover, the user must remember to carry around such a device for entry of account information at a public terminal, or the user may lose such a device. In the event the user loses or forgets to carry such a device, the account information cannot be secured against unwanted observation during entry at a public terminal, or worse yet, the user may be denied entry to the credit account without such a device. In addition, if a thief wrongfully acquires such a device, the thief can access the credit account. U.S. Patent No. 5,239,583 to Parrillo discloses a credit account access system that may provide security during credit account information entry at a public terminal and that does not require an additional device. This system requires the user to keep track of a sequence of PIN numbers
SUBSimπE SHEET (RD1E26) to be entered at each of a corresponding transaction in a sequence of transactions. For ease of memory for the user, U.S. Patent No. 5,239,583 recommends that only one digit of the typical 4-digit PIN vary for each transaction and that the user cycle through a small finite number of such varying PINs.
An obvious shortcoming of such a credit account access system is that a user can easily forget which of the PINs in the sequence should be entered at a given transaction. Moreover, the sequence of PINs is not pseudo-random. A determined thief can figure out the small finite number of PINs in the sequence by observing the user for a reasonably small finite number of transactions.
Thus, a credit account access system that ensures security against unwanted observation of account information during account information entry at a public terminal with the user entering a different time-varying pseudo-random number for each transaction without the requirement of an additional device is desired.
Summary of the Invention
Accordingly, a primary object of the present invention is to provide a credit account access system that ensures security against unwanted access to a credit account by a thief observing credit account information being entered by a legitimate user at a public terminal. More specifically, the present invention instructs the user to enter in a pseudo-random sequence of segments of the credit account number and of the PIN and does not require the user to carry around an extraneous device.
In a general aspect of the present invention an instruction synthesizer generates instructions to a potential user at the public terminal to enter in a sequence of segments of a credit account number and of a PIN.
SϋBSϊmm SHEET (RULE 26) This sequence is determined by a pseudo-randomly selected scrambling code. The instructions are readily perceived only by the potential user. A decoder generates a decoded credit account number and a decoded PIN by decoding the sequence of numbers entered by the potential user. A control switch allows access to the credit account for the potential user if the decoded credit account number is substantially equal to the actual credit account number and if the decoded PIN is substantially equal to the actual PIN.
The present invention can be used to particular advantage when the public terminal includes a headphone from which only the potential user can hear the instructions or a screen from which only the potential user can observe the displayed instructions. Alternatively, the present invention can be used to particular advantage when the public terminal is a telephone having a handset with a receiver portion from which only the potential user can hear the instructions.
In another aspect of the present invention, the potential user can be given the option of entering credit account information using the enhanced security apparatus and method of the present invention. Thus, if the potential user is at an already secure public terminal, the potential user can forgo entering in the sequence of numbers according to a pseudo-randomly selected scrambling code.
In a further aspect of the present invention, if the decoded credit account number and the decoded PIN do not match the actual credit account number and the actual PIN respectively, then the potential user may be given a predetermined number of chances to enter in the correct credit account number and PIN in accordance with the randomly selected scrambling code. If the potential user is not successful after the predetermined number of attempts, then the potential user is notified of a
SUBSTITUTE SHEET (Mil 26) failure to access the credit account.
These and other features and advantages of the present invention will be better understood by considering the following detailed description of the invention which is presented with the attached drawings.
Brief Description of the Drawing
Fig. 1 shows a telephone system that incorporates a calling credit account access system according to the preferred embodiment of the present invention; Fig. 2 shows components of the calling credit account access system of Fig. 1 according to the preferred embodiment of the present invention;
Fig. 3 shows a flowchart of the operation of the calling credit account access system of Fig. 2;
Fig. 4 shows an example credit account card with its corresponding PIN;
Fig. 5 shows example instructions to the user to enter in a sequence of segments of the credit account number and the PIN of Fig. 4; and
Fig. 6 illustrates the corresponding decoding code for generating a decoded credit account number and a decoded PIN number from the sequence of numbers entered as in Fig. 5. Detailed Description
The preferred embodiment of the present invention will be described with respect to a telephone calling credit account. Calling cards are commonly used at public telephones, and the user of the telephone credit account needs to be secure against unwanted observation of credit account information by a thief while the user enters in such information at the public telephone. However, it should be appreciated that the present invention can be used for any credit account where the user enters in credit account information at a public terminal.
Referring to Fig. 1, a public telephone network 100 includes a public telephone 102 having a handset 104 with a receiver portion 106 and a transmitter portion 107. When the user of a calling card wishes to make a phone call on credit, the user enters a series of numbers that indicates for a call on credit. For example, many calling card services require the user to dial a "0" before the ten digit phone number of the called party in order to charge the call to the calling card credit account. A local office 108 for the public telephone 102 and a toll office 110 of the telephone network 112 recognize that the user wishes to make a call on credit. A Traffic Service Position System (TSPS) unit 114 allows access to the calling credit account and allows the call to go through for the user only if the user can enter in a correct credit account number and PIN corresponding to that calling credit account. The preferred embodiment of the present invention is implemented predominantly within the TSPS unit 114. Referring to Fig. 2, the TSPS unit 200 includes a central processing unit (CPU) 202 coupled to a random number generator 204, a database 206, and a memory 210 which is coupled to a touch tone decoder 211. The CPU further includes an instruction synthesizer 212 coupled to the random number generator, the database, and the public terminal 102 of Fig. 1. The CPU also includes a descrambling decoder 214, coupled to the database and the memory, and includes a switch control 216 coupled to the descrambling decoder, the database, and the toll office 110 of Fig. 1. The operation of the preferred embodiment of the present invention as implemented in the TSPS unit 200 of Fig. 2 is now described in conjunction with the flowchart of Fig. 3. This operation begins with recognition that a potential user wishes to make a call using a calling credit account, at step 302. The calling credit account would have an actual credit account number and an actual PIN corresponding to that credit account number.
The potential user is then given the option of entering in credit account information using the enhanced security mode of the present invention, at step 304. This feature of the present invention allows the potential user to enter in credit account information in the usual straight forward manner if the user feels that the current environment is relatively safe. In that case, the user is instructed to enter in the calling credit account number and the PIN, at step 306.
If the entered credit account number and entered PIN are substantially equal to an actual credit account number and a corresponding actual PIN stored in database 206 (step 308), then the potential user is allowed access to the calling credit account, and the call is allowed to go through, at step 310. Otherwise, the potential user is denied access to the calling credit account, and the call cannot go through with the potential user being informed of the failure to access the credit account, at step 312. The potential user may be given a predetermined number of chances to enter in the correct credit account number and PIN at step 313 which goes back to step 306 if the potential user has not exceeded the predetermined number of attempts. All of these steps for the case the user does not wish to use the enhanced security mode can be carried out using the common calling credit account access systems of the prior art.
In the case the potential user wishes to enter in the credit account information using the enhanced security mode as provided by the present invention, the random number generator 204 of Fig. 2 generates a random number. The instruction synthesizer 212 uses this random number to randomly select a scrambling code from the database 206 that has a
SUBSΪ1TUTE S respective scrambling code for each possible random number, at step 314. The potential user at the public terminal is then instructed to enter in segments of the credit account number and PIN according to this randomly selected scrambling code, at step 316. Alternatively, the scrambling code for any credit transaction may be cycled through a large list of scrambling codes. For example, if a list of 5,000 scrambling codes is used, then a thief observing entry of credit account information according to a cycling through of such a list would perceive a random entry of numbers from one credit transaction to another in a finite reasonably observable number of credit transactions at a public terminal. Accordingly, the thief would not be able to easily decipher the actual credit account number and PIN with a cycling through of a large list of scrambling codes.
The user may be instructed by an number of well known means in any predetermined or preselected languages as is well known in the art, for example, by prerecorded announcement of each instruction, by speech synthesis of each instruction, or by display of each instruction. The instruction synthesizer 212 generates the instructions according to these known means in the art. The user may be prompted to choose the language of instruction such as, for example, English, Spanish, or Japanese.
In an alternative embodiment for recognizing whether the secure mode for account information entry should be used, caller ID, as is commonly known in the art, can be used with a database that keeps track of which calling number is associated with a public terminal. If the calling number determined by a caller ID corresponds to a phone at a public terminal, then the credit account access system of the present invention may automatically use the secure mode of requiring entry of credit account information according to a scrambling code of the present invention.
$HB$nm SHEET(RIJU26) In any case, the instructions provided to the potential user are readily perceived only by the potential user, and the instructions pseudo- randomly vary for each credit transaction. In this manner, a thief cannot figure out the credit account number and PIN of the user by observing the potential user enter in credit account information at a public terminal. For the public telephone 102 of Fig. 1 for example, the potential user is instructed via the receiver portion 106 of the telephone handset 104 such that the instructions are readily audible only to the potential user. Alternatively, any public credit account access system such as a cash dispensing station can use a headphone with speakers such that the instructions are readily audible only to the potential user. Also, a public credit account access system may use a screen which displays instructions that are readily observable only by the potential user.
An example set of instructions for a credit transaction is described with the example credit account number and PIN of Fig. 4. For a typical credit account, a user carries a credit account card 402, and memorizes a PIN corresponding to this credit account card. For this example, the credit account number is "5421 5567 8891 7766", and the corresponding PIN is "3456". Note that in the preferred embodiment of the present invention, each digit of the credit account number is indexed with its number position "1 2 3 4 5 .... 16" for ease of position reference of each digit of the credit account number.
Referring to Fig. 5, an example set of instructions begins with a first instruction 502 which asks the potential user to enter in the thirteenth through sixteenth digits of the credit account number. If the potential user is using the credit account number of Fig. 4, "7766" is entered. Then, a second instruction 504 asks the potential user to enter in the second and third digits of the PIN. For the PIN of Fig. 4, "45" is entered. Then, a third
SUgSTTTdTE SHEET (RULE 26 instruction 506 asks the potential user to enter in the fifth through eighth digits of the credit account number. For the credit account number of Fig. 4, "5567" is entered. Then, a fourth instruction 508 asks for the first digit of the PIN, and for the PIN of Fig. 4, "3" is entered. Then, a fifth instruction 510 asks for the first though the fourth digits of the credit account number, and "5421" is entered. Then, a sixth instruction 512 asks for the fourth digit of the PIN, and "6" is entered. Finally, a seventh instruction 514 asks for the ninth through the twelfth digits of the credit account number, and "8891 " is entered. After these numbers have been entered in step 316 of Fig. 3, the sequence of these numbers can be decoded to determine a decoded credit account number and a decoded PIN, at step 318. Referring to Fig. 2, the potential user may enter in the numbers from a public terminal via the keypad of a touch tone phone. In that case, the touch tone decoder 211 decodes the touch tone signals from the public terminal into a digit format and stores the entered digits into memory 210. The descrambling decoder 214 decodes the sequence of these digits stored in memory 210 to determine a decoded credit account number and a decoded PIN. For ease of number entry via the keypad of a phone, one of the buttons on the telephone keypad can be an erase button. For example, the "*" button can be used by the potential user to erase the last entered digit in case of mistaken entry. In an alternative embodiment, the user may speak the sequence of digits. In that case, the present invention includes a speech recognition unit in place of the touch tone decoder 211 in Fig. 2. The database 206 in Fig. 2 would include a corresponding counterpart decoding code for each scrambling code. The decoder 214 obtains this decoding code from the database and performs the decoding steps. For the scrambling code of Fig. 5, Fig. 6 illustrates the corresponding
BRSimϋE SHEET (M(lE2β) decoding code. First line 601 includes the segments of numbers entered by the potential user as illustrated in Fig. 5. This line includes a first segment 602 resulting from the first instruction 502, a second segment 604 resulting from the second instruction 504, a third segment 606 resulting from the third instruction 506, a fourth segment 608 resulting from the fourth instruction 508, a fifth segment 610 resulting from the fifth instruction 510, a sixth segment 612 resulting from the sixth instruction 512, and a seventh segment 614 resulting from the seventh instruction 514.
Given the instructions of Fig. 5, the corresponding decoding code for determining the decoded credit account number is to take the number of the fifth segment 610, then of the third segment 606, then of the seventh segment 614, and finally of the first segment 602. In this manner, second line 616 shows the decoded credit account number. Similarly, the corresponding decoding code for deteimining the decoded PIN is to take the number of the fourth segment 608, then of the second segment 604, and finally of the sixth segment 612. In this manner, third line 618 shows the decoded PIN.
Once the decoded credit account number and decoded PIN have been determined at step 318 of Fig. 3, the decoded credit account number and the decoded PIN are compared to an actual credit account number and actual PIN respectively by the switch control 216 at step 320 of Fig. 3. The switch control compares the decoded account number and the decoded PIN to the actual account numbers and actual PINs stored in database 206 of Fig. 2. If an actual credit account number and an actual PIN can be found in the database whereby the decoded credit account number is substantially equal to the actual credit account number and the decoded PIN is substantially equal to the actual PIN, then the potential user is allowed access to the credit account, at step 322 of Fig. 3. Otherwise, the potential
Sϋ8SπππsSHEET røL user is denied access to the credit account and is notified of failure to access the credit account in step 324.
In the case the potential user is denied access to the credit account, the potential user may be given another chance to access the credit account by returning to step 314. The potential user may be given a predetermined number of chances at step 326 for accessing the credit account before the potential user is terminated from the credit account access system. If the user fails to access the credit account after the predetermined number of attempts, then the calling credit account access system would tell the potential user "You are denied access to the calling credit account," and the system would hang up on the potential user.
If the decoded credit account number is substantially equal to an actual credit account number stored in database 206 of Fig. 2, but the decoded PIN is not equal to the actual PIN of that actual credit account number, then the legitimate user of that actual credit account number is notified of this failed attempt by a potential user. The time and day of this failed attempt can be reported to the legitimate user to put that user on notice of possible attempted fraudulent use of that legitimate user=s credit account. In addition, the credit account can be shut down in the case of any failed attempts by a potential user to preclude any possible fraudulent use until the legitimate user reactivates the credit account.
By using a scrambling code for a credit transaction, the credit account number and corresponding PIN are scrambled such that a thief observing the entry of such a scrambled sequence of numbers cannot readily know either the actual credit account number or the corresponding actual PIN. By selecting a respective scrambling code for each credit transaction at a public terminal, the sequence of segments of credit account number and PIN entered by a potential user at the public terminal is time-varying and
SUBSϊiTUTE SHEET (RULE 26) pseudo-random for each credit transaction. Thus, the thief cannot readily determine the actual credit account number and the corresponding actual PIN even if the thief were to observe numerous credit transactions by the same user for the same credit account number. In addition, the potential user is instructed to enter in the credit account number and the corresponding PIN in a scrambled order via the public terminal. Thus, the present invention secures against unwanted observation of the credit account number and the PIN without the use of an added device.
In an alternative embodiment of the present invention, a scrambling code may ask the user to enter extraneous digits in between any of the segments of the credit account number and PIN. For example, referring to the set of instructions of Fig. 5, the user may be instructed to enter in the digits "7" and "8" in between the first instruction 502 and the second instruction 504. The corresponding decoding code would then ignore the extraneous digits "7" and "8" in between the numbers "7766" and "45" when determining the decoded credit account number and the decode PIN.
These extraneous digits should be the same for each credit transaction such that the extraneous digits are indistinguishable from the digits of the credit account number and the PIN to a thief since the credit account number and the PIN stay constant for each credit transaction.
Instructing the user to enter in such extraneous digits further secures against pilfering of a credit account number and the corresponding PIN during entry of such information at a public terminal. For example, if the thief were able to observe one credit transaction at a public terminal and to acquire the credit account number, then the thief may be able to know which digits that were entered during the observed transaction are part of the PIN. With the PINs typically being four digits, the thief may be able to try all of the at most 4! or 24 combinations of the left over four digits to
SI/BSIΪTOIE SHEET (MI determine the PIN. By adding in the additional same extraneous digits for each credit transactions, the total number of combinations a thief must try to figure out the PIN in this scenario increases. For example, if 3 extraneous digits are added, then the total number of possible combinations goes up to 7x6x5x4=840. This larger number of combinations of the PIN adds further security against unwanted pilfering of credit account information in this scenario.
Alternatively, in the scenario where a thief has observed correct entry of a sequence of numbers during a valid transaction by an actual user and where the thief has acquired the credit account number, the thief may attempt to enter in the digits apart from the digits of the credit account number in the observed sequence in order to decipher the PIN. During the initial attempt of the process of deciphering the PIN in this manner, the thief is likely to enter in grossly erroneous digits during instructions for entering in segments of the PIN. To further confuse the thief, the extraneous digits can be changed after a first transaction attempt where grossly erroneous digits are entered after instructions for entering in segments of the PIN. By thusly changing the extraneous digits after this initial attempt, the thief cannot easily determine which of the digits apart from the digits of the credit account number in the observed correct sequence of numbers were part of the PIN and which of the digits were part of the extraneous digits.
The forgoing is by way of example only and is not intended to be limiting. For example, the set of instructions of Fig. 5 is illustrative and numerous sequences of instructions for entering in any segments of the credit account number and PIN in any order are possible. Furthermore, the present invention can be used to secure against unwanted observation of credit account number and PIN during entry at a public terminal for any credit accounts in addition to credit accounts for telephone calling cards.
SUBSTPTE SHEET (RULE 26) The invention is limited only as defined in the following claims and equivalents thereof. Finally, any patents referred to herein should be deemed to be incorporated herein by reference as to any subject matter deemed essential to a proper understanding of the present invention.
SUBSTITUTE SHEET (RBIE2S)

Claims

I claim:
1. A method for ensuring security against unwanted access to
a credit account, having an actual credit account number and an actual PIN, by unwanted observation by a thief during entry of credit account
information by a legitimate user at a public terminal, said method including
the steps of:
A. instructing a potential user at said public terminal to enter in a sequence of segments of a credit account number and of a PIN, said sequence being determined by a pseudo-randomly selected scrambling code, and said instructions being readily
perceived only by said potential user;
B. decoding said sequence of numbers entered by said potential user to generate a decoded credit account number and a decoded PIN in accordance with a decoding code that is a
corresponding counterpart of said pseudo-randomly selected
scrambling code; and
C. allowing access to said credit account for said potential
user if said decoded credit account number is substantially equal to
said actual credit account number and if said decoded PIN is
substantially equal to said actual PIN.
2. The method of claim 1, wherein said public terminal is a
telephone, and wherein step A further includes instructing said potential
SI/ESΠT SHEET RULE 26 user via a receiver portion of a handset of said telephone, wherein said instructions are audible only to said potential user.
3. The method of claim 2, wherein said audible instructions are
generated by prerecording of said instructions and by speech synthesis of said instructions.
4. The method of claim 1, wherein step A further includes
instructing said potential user via a headphone, wherein said instructions are audible only to said potential user.
5. The method of claim 4, wherein said audible instructions are generated by prerecording of said instructions and by speech synthesis of said instructions.
6. The method of claim 1, wherein step A further includes
instructing said potential user via a screen that displays said instructions observable only by said potential user.
7. The method of claim 1, further including the step of:
instructing said potential user to select a preferred language
and generating said instructions in said preferred language.
8. The method of claim 1, further including the step of:
detecting when said potential user wishes to access said
credit account with said method for ensuring security before
performing steps A-C.
SUBSTfflJTE SHEET (RULE 26)
9. The method of claim 1 , wherein said step A includes the step
of: instructing said potential user to enter in at least one
predetermined digit in between said segments of numbers in
accordance with said pseudo-randomly selected scrambling code.
10. The method of claim 1 , further including the steps of:
D. informing said potential user that said credit account number and said PIN entered by said potential user are not valid in the case of one of said decoded credit account number not being substantially equal to said actual credit account number and said decoded PIN not being substantially equal to said actual PIN; and
E. repeating steps A-C after step D is performed.
11. The method of claim 10 wherein said steps A-D are repeated up to a predetermined number of times until said decoded credit account
number is substantially equal to said actual credit account number and said
decoded PIN is substantially equal to said actual PIN.
12. The method of claim 11, further comprising, in the case of
one of said decoded credit account number not being substantially equal to
said actual credit account number and of said decoded PIN not being
substantially equal to said actual PIN, after repeating steps A-D up to said
predetermined number of times: F. notifying said potential user of failure to access said
credit account, and notifying said legitimate user of said
failure to access said credit account by said potential user.
13. The method of claim 12, wherein step F further includes the
step of shutting down said credit account in the case of said potentials
user=s failure to access said credit account.
14. A method for ensuring security against unwanted access to a credit account, having an actual credit account number and an actual PIN, by unwanted observation by a thief during entry of credit account information by a legitimate user at a public terminal, said method including the steps of:
A. detecting when said potential user wishes to access said credit account with said method for ensuring security;
B. instructing a potential user at said public terminal, to enter in a sequence of segments of a credit account number and of
a PIN, said sequence being determined by a pseudo-randomly
selected scrambling code, and said instructions being readily
perceived only by said potential user;
C. decoding said sequence of numbers entered by said
potential user to generate a decoded credit account number and a
decoded PIN in accordance with a decoding code that is a corresponding counterpart of said pseudo-randomly selected
scrambling code;
D. allowing access to said credit account for said potential user if said decoded credit account number is substantially equal to
said actual credit account number and if said decoded PIN is
substantially equal to said actual PIN;
E. informing said potential user that said credit number and said PIN entered by said potential user are not valid in the case of one of said decoded credit account number not being substantially equal to said actual credit account number and said decoded PIN not being substantially equal to said actual PIN;
F. repeating steps A-D each time step E is performed, steps A-D being thus repeated up to a predetermined number of times until said decoded credit account number is substantially equal to
said actual credit account number and said decoded PIN is
substantially equal to said actual PIN; and
G. in the case of one of said decoded credit account number
not being substantially equal to said actual credit account number
and of said decoded PIN not being substantially equal to said actual
PIN after repeating steps A-D up to said predetermined number of
times, notifying said potential user of failure to access said credit
SIIBSTTfUE SHEET (RULE26) account, and notifying said legitimate user of said failure to access
said credit account by said potential user.
15. A credit account access system that prevents unwanted access to a credit account, having an actual credit account number and an
actual PIN, by unwanted observation by a thief during entry of credit
account information by a legitimate user at a public terminal, said system comprising: an instruction synthesizer for generating instructions, to a
potential user at said public terminal, to enter in a sequence of segments of a credit account number and of a PIN, said sequence being determined by a pseudo-randomly selected scrambling code, and said instructions being readily perceived only by said potential user; a memory for inputting and storing said sequence of
numbers entered by said potential user;
a decoder, operatively coupled to said memory, for decoding
said sequence of numbers stored in said memory to generate a
decoded credit account number and a decoded PIN in accordance
with a decoding code that is a corresponding counterpart of said
pseudo-randomly selected code; and
a control switch, operatively coupled to said decoder, for allowing access to said credit account for said potential user if said
decoded credit account number is substantially equal to said actual
credit account number and if said decoded PIN is substantially equal to said actual PIN.
16. The credit account access system of claim 15, wherein said
public terminal is a telephone, and wherein said instructions are communicated to said potential user via a receiver portion of a handset of said telephone, wherein said instructions are audible only to said potential user.
17. The credit account access system of claim 15, wherein said instructions are communicated to said potential user via a headphone, wherein said instructions are audible only to said potential user.
18. The credit account access system of claim 15, wherein said instructions are communicated to said potential user via a screen that
displays said instructions observable only by said potential user.
19. A credit account access system as recited in claim 15
wherein said credit account access system is part of a telephone credit
account system, wherein said public terminal is a public phone, and wherein
said instruction synthesizer, said memory, said decoder, and said control
switch are located within a TSPS (Traffic Service Position System) of a
phone network.
UBSΠTUTI SHEET (RULE 26)
20. A credit account access system as recited in claim 15, further comprising:
a random number generator for generating a random number
that determines said pseudo-randomly selected scrambling code; and
a database, operatively coupled to said random number generator, said instruction synthesizer, and said control switch, for storing said credit account information and a respective scrambling code for each random number generated by said random number generator, said respective scrambling code corresponding to said random number being said pseudo-randomly selected scrambling code.
21. A credit account access system that prevents unwanted
access to a credit account, having an actual credit account number and an actual PIN, by unwanted observation by a thief during entry of credit
account information by a legitimate user at a public terminal, said system comprising:
means for generating instructions, to a potential user at said
public terminal, to enter in a sequence of segments of a credit
account number and of a PIN, said sequence being time- varying and
pseudo-random, and said instructions being readily perceived only
SUBSTTTUTE SHEET (RULE 26) by said potential user;
means for decoding said sequence of numbers entered by
said potential user to generate a decoded credit account number and a decoded PIN; and
a control switch, operatively connected to said means for
decoding, for allowing access to said credit account for said potential user if said decoded credit account number is substantially
equal to said actual credit account number and if said decoded PIN is substantially equal to said actual PIN.
22. The credit account access system of claim 21 , wherein said
public terminal is a telephone, and wherein said instructions are communicated to said potential user via a receiver portion of a handset of
said telephone, wherein said instructions are audible only to said potential
user.
23. The credit account access system of claim 21 , wherein said
instructions are communicated to said potential user via a headphone,
wherein said instructions are audible only to said potential user.
24. The credit account access system of claim 21 , wherein said
instructions are communicated to said potential user via a screen that
displays said instructions observable only by said potential user.
25. A credit account access system as recited in claim 21 , further comprising:
a database, operatively coupled to said means for generating instructions and to said means for decoding, for storing said credit
account information and scrambling codes, each of said scrambling
codes determining a respective pseudo-random sequence
of said segments of a credit account number and of a PIN to be entered by said potential user.
PCT/US1998/016225 1997-08-05 1998-08-04 Apparatus and method for ensuring security during entry of credit account information at a public terminal WO1999008239A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US90593297A 1997-08-05 1997-08-05
US08/905,932 1997-08-05

Publications (1)

Publication Number Publication Date
WO1999008239A1 true WO1999008239A1 (en) 1999-02-18

Family

ID=25421709

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1998/016225 WO1999008239A1 (en) 1997-08-05 1998-08-04 Apparatus and method for ensuring security during entry of credit account information at a public terminal

Country Status (1)

Country Link
WO (1) WO1999008239A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2802685A1 (en) * 1999-12-17 2001-06-22 Ibm Method and software for comparing a PIN number for a service card fitted with a variable display, a new value based on a random number is generated each time the card is used, this new value serves for the next card user
US6456984B1 (en) * 1999-05-28 2002-09-24 Qwest Communications International Inc. Method and system for providing temporary credit authorizations
EP1600899A1 (en) * 2004-05-25 2005-11-30 Siemens Schweiz AG Method for generating an access code
WO2013064359A1 (en) * 2011-11-01 2013-05-10 Bundesdruckerei Gmbh Document, process for authenticating a user, more particularly for releasing a smart-card function, and computer system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5239583A (en) 1991-04-10 1993-08-24 Parrillo Larry A Method and apparatus for improved security using access codes
US5265162A (en) 1990-01-16 1993-11-23 George Bush Portable pin card
WO1993023830A1 (en) * 1992-05-08 1993-11-25 Wesco Software Limited Authenticating the identity of an authorised person
US5367572A (en) 1984-11-30 1994-11-22 Weiss Kenneth P Method and apparatus for personal identification
WO1997011443A1 (en) 1995-09-18 1997-03-27 Telefonaktiebolaget Lm Ericsson (Publ) Method and apparatus for user authentication

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5367572A (en) 1984-11-30 1994-11-22 Weiss Kenneth P Method and apparatus for personal identification
US5265162A (en) 1990-01-16 1993-11-23 George Bush Portable pin card
US5239583A (en) 1991-04-10 1993-08-24 Parrillo Larry A Method and apparatus for improved security using access codes
WO1993023830A1 (en) * 1992-05-08 1993-11-25 Wesco Software Limited Authenticating the identity of an authorised person
WO1997011443A1 (en) 1995-09-18 1997-03-27 Telefonaktiebolaget Lm Ericsson (Publ) Method and apparatus for user authentication

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"PHONE CARD FRAUD-REDUCTION METHOD", IBM TECHNICAL DISCLOSURE BULLETIN, vol. 38, no. 3, 1 March 1995 (1995-03-01), pages 185, XP000508021 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6456984B1 (en) * 1999-05-28 2002-09-24 Qwest Communications International Inc. Method and system for providing temporary credit authorizations
FR2802685A1 (en) * 1999-12-17 2001-06-22 Ibm Method and software for comparing a PIN number for a service card fitted with a variable display, a new value based on a random number is generated each time the card is used, this new value serves for the next card user
EP1600899A1 (en) * 2004-05-25 2005-11-30 Siemens Schweiz AG Method for generating an access code
WO2013064359A1 (en) * 2011-11-01 2013-05-10 Bundesdruckerei Gmbh Document, process for authenticating a user, more particularly for releasing a smart-card function, and computer system
US9491154B2 (en) 2011-11-01 2016-11-08 Bundesdruckerei Gmbh Document, method for authenticating a user, in particular for releasing a chip card function, and computer system

Similar Documents

Publication Publication Date Title
US5239583A (en) Method and apparatus for improved security using access codes
CA2515803C (en) Computerized password verification system and method for atm transactions
US4761808A (en) Time code telephone security access system
US5940511A (en) Method and apparatus for secure PIN entry
EP0852044B1 (en) Method and apparatus for user authentication
US5971272A (en) Secured personal identification number
US5163097A (en) Method and apparatus for providing secure access to a limited access system
ES2319164T3 (en) PROVISION FOR AUTHENTICATION OF A USER AND AUTHORIZATION OF USE OF A SECURE SYSTEM.
US5822691A (en) Method and system for detection of fraudulent cellular telephone use
US20100325046A1 (en) Transaction Security Method and Apparatus
US7263347B2 (en) Biometric authentication of a wireless device user
GB2086187A (en) Toll barring
CN101291225A (en) Authentication method adopting complex cryptographic technique
CN1759364A (en) Method and system for enabling remote message composition
US5617470A (en) Apparatus and method for preventing unauthorized access to a system
WO1999008239A1 (en) Apparatus and method for ensuring security during entry of credit account information at a public terminal
US6097800A (en) Network controlled telephone for the visually impaired
JP2008181385A (en) Personal identification number restriction removal system and bicycle parking management system
US20020073321A1 (en) Fraud prevention for remote transactions
US6813716B1 (en) Secure calling card and authentication process
GB2227906A (en) Telephone call barring system
AU1313195A (en) Method and apparatus for improved security using access codes
KR20010012019A (en) Financial service system using a fingerprint identification and method thereof
JPH11505638A (en) Method and apparatus for improving security using access codes
CA2163332A1 (en) Method and apparatus for improved security using access codes

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): CA JP MX

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
NENP Non-entry into the national phase

Ref country code: CA