APPARATUS, SYSTEMS AND METHODS FOR PROVIDING AT HOME AUTOMATIC TELLER MACHINE SERVICES
FIELD OF THE INVENTION
The present invention relates generally to banking service computer systems, and more particularly, to apparatus, systems and methods for providing "at home" Automatic Teller Machine ("ATM") services ("At-Home ATM") through a user's computer .
BACKGROUND
Using a street-side ATM can be dangerous. A thief, unnoticed by a banking customer, can "steal" the customer's PIN by observing the customer's key strokes when entering the customer' s personal identification number PIN code. Once the customer receives the withdrawn cash, the thief can then threaten the customer, and take the customer's withdrawn cash and the customer's ATM card for the thief s later use.
Accepting cash in payment for goods and services purchased can be risky for a merchant. A person uses "cash" to pay for a purchase. The merchant accepts the cash in exchange for the goods purchased, allowing the purchaser to leave the store with the goods. If the cash is counterfeit, it is often much later after the purchase that the merchant discovers the counterfeit nature of the "cash." At such a post-purchase time, the merchant likely has no way of identifying which purchaser from all the merchant's customers, passed the counterfeit money. Even if the merchant happens to remember the purchaser that passed the counterfeit money, the merchant will likely have no way of locating the purchaser.
What is needed is a way to provide banking customers with banking services, including a functional electronic equivalent to cash withdrawals, using a computer that is conveniently available to the banking customer user and to provide the banking customer and merchants with a cash-like financial instrument embodying positive identification of the banking customer as the authorized bearer and with guaranteed funds for the amount of the instrument.
SUMMARY OF THE INVENTION
The disclosures of U.S. Patent No. 4,083,635, and International Application Serial No. PCT/US99/14253 ("APPARTUS, SYSTEMS AND METHODS FOR POSITIVE IDENTIFICATION CHECKING) are incorporated herein by reference, as if fully stated here, for all purposes.
The present invention provides at home Automatic Teller Machine (ATM) services ("At- Home ATM") through the user's own computer device. The phrase "at home" is used herein to mean available through a user's own computer device; it is understood by a person with ordinary skill in the art that such computer devices include portable devices such as laptop computers and the like.
The present invention provides apparatus, systems and methods for providing banking customers with banking services, including among other things, interactive bank account status dialog as well as a functional electronic equivalent to cash withdrawals, using a computer that
10 is conveniently and personally available to the banking customer user. The present invention provides apparatus, systems and methods that provide the banking customer user and merchants with a cash-like financial instrument embodying positive identification of the banking customer user as the authorized bearer and with guaranteed funds for the amount of the instrument.
The present invention provides apparatus, systems and methods of using a user computer ι r for establishing electronic communications with a host computer comprising, among other things, recognizing input from a card reader device connected to the user computer as a request for at home online banking services; parsing the input according to a set of rules; translating from the parsed input a set of contact information; translating the set of contact information into a set of communication instructions; and executing the set of communication instructions to -jr. establish an electronic communication connection with the host computer.
The present invention provides apparatus, systems and methods for performing by a host computer positive identification security services comprising, among other things: receiving a security transaction from a merchant computer; parsing the security transaction according to a set of security parsing rules; receiving as a value representing an amount of a proposed purchase jr transaction a first merchant input; comparing the value representing an amount of a proposed purchase transaction to the value representing the amount of money available; retrieving a blocked image and an original image from a user database corresponding to the user account identification information; combining into a resulting image the reverse-blocked image with the corresponding blocked image; comparing the resulting image with the original image; rejecting
™ the security transaction if the resulting image does not match the original image; accepting the security transaction if the resulting image matches the original image; for accepted transactions, formatting a display of the original image, generating a set of digital signals representing the display of the original image, and sending the set of digital signals representing the display of the original image to the merchant computer. ,r Many of the attendant features of this invention will be more readily appreciated as the same becomes better understood by reference to the following detailed description considered in connection with the accompanying drawings.
1
DESCRIPTION OF THE DRAWINGS
FIG. 1 is a graphical representation depicting exemplary interfaces between a user's computer and a host computer and exemplary components of each computer system in an c exemplary embodiment of the invention;
FIG. 2 is an exemplary database organization of exemplary information collected by an exemplary embodiment of a Guarantor's Host Computer System in an exemplary embodiment of the invention;
FIG. 3 is a high level logic flow diagram depicting an exemplary logic flow of an , exemplary user sign-on procedure in an exemplary embodiment of the invention;
FIG. 4 is a graphical representation of an exemplary online banking display screen providing an at home ATM service selection option in an exemplary embodiment of the invention;
FIGS. 5a through 5c are a series of graphical representations depicting an exemplary , c graphical representation of a set of six differently colored pixels of an original digitized image, a blocked image and a reverse-blocked image respectively in an exemplary embodiment of the positive identification security feature of the invention;
FIG. 6a is a graphical representation depicting column and row displacement references to an exemplary set of six differently colored pixels of an original digitized image in an y . exemplary embodiment of the positive identification security feature of the invention;
FIG. 6b is a graphical representation of an exemplary array containing information about the pixels depicted in FIG. 6a;
FIG. 7a is a graphical representation of a complete digitized image of an exemplary signature; <-,<- FIG.7b is a graphical representation of a first portion of the digitized image depicted in
FIG. 7a to be communicated to one requestor, who is authorized to see only a portion of the image, according to an exemplary Field Blocker;
FIG. 7c is a graphical representation of a second portion of the digitized image depicted in FIG. 7a to be communicated to a second requestor, who is authorized to see only the reverse- oQ selection portion of the image that could be seen by the first requestor, according to the exemplary Field Blocker.
FIG. 8a is a graphical representation of an exemplary arrangement of six (6) colored pixels;
FIG. 8b is a graphical representation of an array containing pixel descriptions for the -, c exemplary arrangement of six colored pixels shown in FIG. 8a;
FIG. 8c is a graphical representation of a compressed blocked image array for an exemplary blocked image of the exemplary six (6) colored pixels depicted in FIG. 8a;
1
FIG. 8d is a graphical representation of a compressed reverse-blocked image array for an exemplary reverse-blocked image of the exemplary six (6) colored pixels depicted in FIG. 8a;
FIG. 8e is a graphical representation of an alternative embodiment of a compressed r reverse-blocked image array for an exemplary reverse-blocked image of the exemplary six (6) colored pixels depicted in FIG. 8a;
FIG. 9a is graphical representation of a simple exemplary image;
FIG. 9b is a graphical representation of an exemplary jigsaw-puzzle embodiment of pixel groupings formed from the simple exemplary image depicted in FIG. 9a;
, FIG. 10 is a graphical representation of an exemplary embodiment of an exemplary online at home ATM service Welcome display screen;
FIG. 11 is a graphical representation of an exemplary embodiment of an exemplary online at home ATM service Account selection display screen;
FIG. 12 is a graphical representation of an exemplary embodiment of an on screen display ι of an At Home ATM screen that allows the user to select the amount of money to be withdrawn from the user's account
FIG. 13 is a graphical representation of an exemplary embodiment of an on screen display of an At Home ATM screen that allows the user to input a specific amount to be withdrawn from the user's account;
2 FIG. 14 is a high level flow diagram depicting an exemplary embodiment of the user
PortraitCheque order process in an exemplary embodiment of the invention;
FIG. 15 is a graphical representation of an exemplary embodiment of an on screen display of an At Home ATM screen that summarizes the user withdrawal request in an exemplary embodiment of the invention;
^ FIG. 16a is a graphical representation of an exemplary embodiment of an on screen display that informs the user as to the status of the user's withdrawal request in an exemplary embodiment of the invention;
FIG.16b is a graphical representation of an exemplary set PortraitCheque checks.
FIG. 17 is a graphical representation of an exemplary embodiment of an on screen display
•, that instructs the user to examine the checks printed as a result of the user's withdrawal request in an exemplary embodiment of the invention;
FIG. 18 is a high level flow diagram depicting an exemplary embodiment of the positive identification security procedure when a user presents one or more PortraitCheques to a merchant in an exemplary embodiment of the invention;
-, _- FIG. 19 is a high level flow diagram depicting an exemplary embodiment of an exemplary positive identification security validation in an exemplary embodiment of the invention;
FIG. 20 is a graphical representation depicting exemplary interfaces between a user's
-A-
computer and a host computer and exemplary components of each computer system in an exemplary smart card ATM card embodiment of the invention; and
FIGS. 21 a through 21b are a high level flow diagram depicting an exemplary embodiment of an exemplary positive identification security validation in an exemplary smart card ATM card embodiment of the invention.
DETAILED DESCRIPTION OF THE INVENTION I. Overview
10 As depicted in FIG. 1 , a user 302 accesses a computer 303 (the "user's computer") configured with a display monitor 304. that can communicate 306, such as electronically, with a Host Computer 300, such as through a direct connection, through an intranet, or through a global communications network such as the Internet.
The terms "electronic connection" and "electronic communications" in the context of this
, r application includes all types of communications between computers, including modem, telephone, cable, satellite, cellular, infrared and all forms of wireless communications.
The user's computer 303 includes such devices as personal computers, hand held computers, palm computers, laptop computers, notebook computers, televisions with a computer interface, and the like.
2β The user 302 has an account with at least one bank, credit card company or other similar financial institution or financial service. The user 302 registers with a bank, credit card company or other similar financial institution or financial service that sponsors at home ATM services and guarantees the amounts (the " Guarantor") for which PortraitCheque™ checks are written and guarantees the amounts withdrawn by the user and recorded on the user's ATM card. User
2<r registration is described in more detail below in the section titled "User Registration for at home
ATM Services".
The user's computer 303 is configured to communicate 307 with a printer 305 (the "user's printer"). The term user's printer includes but is not limited to offset printers, dot-matrix printers, ink-jet printers, laser-jet printers, laser printers, and further includes all printing devices
-, Q with which the Host Computer 300 can communicate electronically and/or telephonically either directly or indirectly. Further, the term user's printer in the context of this application includes any device which transfers the communication of information from the Host Computer 300 to a physical instrument, including imprinting the information, and also including electronic and/or magnetic recording of the information, on the physical instrument.
1
The user's computer 303 is connected to, or is connectable to, or is capable of communicating with, a device 3 that is capable of reading information from a user's ATM debit card. The computer is connected to, or is connectable to, or is capable of communicating with,
- a printing device 305.
An ATM debit card is typically a credit-card-sized card on which information can be recorded on a data storage magnetic strip, and from which information can be read electronically and/or magnetically. A bank or financial institution Guarantor issues the user an ATM debit card
(referred to herein as an "ATM card"). The user's ATM card typically contains information about the user and the user' s bank account(s) in the data storage magnetic strip (referred to herein as the "ATM card data storage"). Data contained in the ATM card data storage can include, among other things, for instance, contact information for the Guarantor, and the user's name, address, and bank identification infonriation and bank account numbers. In one embodiment, certain security information is also contained in the ATM card data storage as is described below ι in the section titled "Positive Identification Security."
The user 302 accesses the user's computer 303 through a user interface displayed on the display monitor 304 configured with the user's computer.
The Host Computer 300 is programmed to store information in a memory 301 about the user and to fill, record and track orders by each user for cash withdrawals and other banking
20 services. The information stored in the computer memory is referred to herein as the User
Database. Access to update or modify the User Database is tightly secured against update access by third parties. Access to view user photographs and signatures can be provided to authorized persons. The Host Computer 300 (also referred to herein as the Guarantor's Host Computer
System and/or the Guarantor's Computer System) may be a computer that is physically present
2<r in the physical offices of the Guarantor's office location. Alternatively, the Host Computer 300 is any computer system that is accessible through electronic communications with the Guarantor.
The Host Computer 300 may be a server computer accessible by users over a global communications network such as the Internet. Alternatively, the Host Computer 300 may be a computer accessible by users only through a direct access, e.g., dial-in, network.
-. „ The user 302 accesses the User's Computer 303 through a user interface displayed on the display monitor 304 configured with the User's Computer 303. Using the present invention, the user inserts the user's ATM card into a ATM card reader device 3 that is accessible by the user's computer 302. ATM card reader devices include the "swipe" card readers common at ATM's, in banks, and in grocery stores.
35
1
II. User Registration for at home ATM Services
The present invention can be implemented in a number of ways. The embodiments described herein are exemplary and are not a limitation of the invention. r A user will typically register for at home ATM services by providing information similar to that required when opening an account with a bank. Registration can be done in several ways.
Registration can be done by the user presenting the information in person at a physical place, such as the Guarantor's office location. Partial registration can be done over the telephone. In the case of telephone registration, signature and photograph exemplars are forwarded, such as
-, Q by mail, to the Guarantor by the user to complete registration. When registration is not done in person at the Guarantor's physical office location, signature and photograph exemplars can be forwarded to the bank either physically, such as by mail, or electronically, such as by fax. or preferably, by using a scanning device to digitize the signature and/or photograph exemplars and by electronically communicating the digitized form of the exemplars to the Guarantor's registrar, ι r by, such as, electronic mail ("email"). Similarly, when the user provides physical signature and photograph exemplars to the Guarantor, the Guarantor must digitize the exemplars, such as by scanning them with a scanning device, so that the exemplars can be saved in the memory of the
Host Computer 300.
If the bank with which the user holds an account offers at home ATM services (that is, if
20 the bank is an at home ATM Guarantor), then the user may have already supplied much of the information. Furthermore, if the user has already supplied the at home ATM Guarantor with information necessary to register for online banking services, then the user may have further supplied the at home ATM Guarantor with most of the information necessary to register for at home ATM services.
2 FIG. 2 is an exemplary database organization of information collected in one embodiment of the invention by an at home ATM Guarantor administering at home ATM services. According to one embodiment of the invention, as previously mentioned, the database is stored in the memory 301 of the Host Computer 300, or is stored in memory that is accessible by the Host
Computer 300. Standard information is collected such as how the account is held 230, and then
-,0 or each account holder 231 : the account holder's Name 232, Social Security number 233, Home
Street Address 236, Home Mailing Address 237, Home telephone number 238, one or more personal e-mail addresses 239, Business Street Address 241 , Business Mailing Address 242, and
Business telephone number 243.
In the exemplary embodiment depicted in FIG. 2, the following information would also
35 be collected for each account holder 231 : each Bank identification and each Bank Account number in which the account holder holds an account 244. In one embodiment, a single Bank identification and Bank Account number244 is collected. In the case where the Guarantor is a
1 bank, the bank identification is the identifier of the Guarantor and would not typically be collected and maintained for each individual account holder. In an embodiment of the invention in which the Guarantor offers PortraitCheque™ service to multiple banks, the following r information would typically be recorded for each Bank identification and Bank Account number for one or more banks and for one or more accounts in each bank 244: Bank ID 245, Bank electronic routing number 246, user's Bank account number 247, the user's PIN for that Bank
248 and the user's Balance 248a.
Additionally, the following information would further be collected for each account holder 0 231 : each Credit Company and Credit Card account number with which the account holder holds an account 249. In one embodiment, only a single Credit Company and Credit Card account number with which the account holder holds an account 249 is recorded. In an embodiment of the invention in which the Guarantor offers PortraitCheque™ and at home ATM services through multiple Credit Card Companies, the following information would typically be recorded
, r for each Credit Company and Credit Card account number for one or more credit companies and for one or more accounts with each card company 249: Credit Company ID 250. Credit card account number 251 , the user's PIN for that Credit card Company 252, and the user's Available
Credit Limit 252a.
The following information would also be collected for each account holder 231 : the
20 account holder's Digitized Signature 234, the account holder's Digitized Photograph 235, at home ATM security code 240. One way in which the at home ATM security code would be provided is that it would be supplied by the at home ATM software installed on the user/account holder's computer when the user first connects to the online at home ATM service. In one embodiment, the security code is initialized as described above but is available for modification «r by the user.
In the exemplary embodiment depicted in FIG. 2, PortraitCheque™ services are offered as part of at home ATM services. Information concerning each individual PortraitCheque™ check stock supplied to user under Guarantor' s account 253 and each PortraitCheque™ order and presentment transaction are recorded and stored in the memory of the Host Computer. The
-^0 memory of the Host Computer can be any type of computer memory, typically RAM such as on disk, hard drive, or other such memory device. For purposes of this application, the term
"recorded" includes storing the information on the memory of such a computer memory storage device. For each individual PortraitCheque™ check stock supplied to the user under the
Guarantor's account 253, the PortraitCheque™ check number 254 is recorded. In one o embodiment, the date on which the PortraitCheque™ check number is supplied to the user 267 is also recorded. For each PortraitCheque™ check ordered by the user 255 the following information is recorded: Check amount ordered 256, date ordered 257, Account (credit or bank)
1 from which ordered 258, amount debited from user's account 259, Check amount presented 260. date presented 261, difference between amount ordered and amount presented 262, amount debited due to difference 263, date difference debited 264. In one embodiment, the c PortraitCheque™ check number for which the user places an order is recorded with the order transaction 265. In one embodiment, the actual PortraitCheque™ check number presented for processing is recorded with the presentment transaction 266.
The information concerning the individual account and account holder (230-252) may be physically supplied to the Guarantor at the time the account is opened. Alternatively, the account , o holder may supply the information online, or through a any combination of online and physical delivery of the information requested.
The information concerning the PortraitCheque™ stock 253-254, and in one embodiment, the date of supply 267 supplied to the user will be provided by the entity that supplies the check stock to the user (which may be the Guarantor, or a third party PortraitCheque™ check stock , r supplier).
III. At home ATM Services
As depicted in FIG. 3, the user's computer is programmed to recognize the insertion of the user's ATM card 10 and treats the insertion of the card as a request for At Home ATM 20 services. In one embodiment, the user's computer is programmed to read contact information from the user's ATM card for the Guarantor of the particular ATM card 1 1. In an alternative embodiment, the user's computer is programmed to contact a particular Guarantor's Computer System according to pre-defined instructions.
In an exemplary embodiment, the user's computer is programmed to respond to the user's 2-- insertion of the user's ATM card by establishing an electronic connection to, or a path of communication with, the Guarantor's Computer System 12. The user's computer recognizes input from the ATM card reader device connected to the user' s computer as a request for at home online banking services. The user's computer parses the input from the card reader according to a set of rules. The user's computer then translates from the parsed input contact
^ information for the host computer, such as a direct dial telephone number or a URL (Uniform
Resource Locator) address of the Host Computer's web site. The user's computer then translates the contact information into a set of communication instructions and then executes the set of communication instructions to establish an electronic communication connection with the host computer.
35
1
Alternative references herein to the host computer and/or the host computer system mean the Guarantor's Computer System. In an alternative embodiment, the user enters commands to request online banking services and/or at home ATM services, which are also referred to herein tr as ATM@Home™ services.
Once connected to, or otherwise in communication with, the user's computer, the
Guarantor's Computer System and/or the user's computer is programmed to simulate the user interface of the Guarantor's ATM machine services. In one embodiment, the Guarantor's
Computer and/or the user's computer generates for display, and causes the user's computer to
-. r, display on the display monitor connected to or otherwise in communication with the user's computer, a graphical image of the Guarantor's ATM machine 13.
In one embodiment, the user's computer simulates the Guarantor's ATM machine user interface by providing touch sensitive display screen "buttons" that simulate the physical buttons on the Guarantor's ATM machines. The user can interact with the simulated ATM machine (the
, _- "At Home ATM") just as the user would interact with one of the Guarantor's physical ATM machines by pressing the touch-screen sensitive buttons to respond to the ATM inquiries.
Reference herein to an on screen display at the user's computer or at the merchant's computer includes but is not limited to the Guarantor's Computer System being programmed to fonriat the referenced display, to generate the signals necessary to communicate the display to
20 the user's or the merchant's computer, and for the user's or the merchant's computer to receive the formatted display and to display on the display monitor connected to the user's or the merchant's computer or which is otherwise in communication with the user's or the merchant's computer, the formatted screen display. In an alternative embodiment, the user's or the merchant's computer is programmed to format the display screen and to generate the signals to
2r display and to display the formatted screen; the Guarantor's Computer System instructs the user's computer or the merchant's computer as to the type of screen to be formatted and displayed and/or provides the user's computer or the merchant's computer with information about the particular transaction or status of the transaction from which the user's computer or the merchant's computer determines the appropriate screen to be displayed.
^0 FIG. 4 depicts an exemplary embodiment of an exemplary initial online banking screen, a Welcome Screen. The Guarantor's Computer System is programmed to format a Welcome
Screen and to cause the user's computer to display the Welcome Screen on the display monitor of the user's computer. The user is presented with a selection of several online banking options.
ATM@Home™ 101 is one of the service options. The user inputs the user's selection in a touch
,r sensitive embodiment by pressing the on screen ATM@Home™ "button" 101.
Use herein of the ATM@Home™ mark is for illustrative purposes and is in no way a limitation of the invention. ATM@Home™ is also referred to herein as ATMatHome, and as ATM at Home, and as AtHomeATM, and as At Home ATM.
It should be understood that there are numerous ways in which a user can interact with a computer user interface, including but not limited to mouse, track-ball, joystick, voice commands and like devices. The embodiment described herein using touch-sensitive display screen buttons is illustrative and is not a limiting feature of the invention.
Reference herein to touch-sensitive on screen/display screen buttons includes the
10 understanding that the Guarantor's Computer System, and/or the user's computer, and/or the merchant's computer, is programmed to interpret the user touching the on screen button as an affirmation of the answer to the question asked (e.g., QUESTION: Did all checks print correctly? RESPONSE: The user touching the "YES" button is interpreted as a yes answer to the question; the user touching the "NO" button is interpreted as a no answer to the question.) or as an j 5 affirmation of the instruction given (e.g., INSTRUCTION: "CANCEL" - the user touching the
"CANCEL" button is interpreted as an affirmation of a cancel instruction; "OK" — the user touching the "OK" button is interpreted as an affimiation of an authorization instruction.)
In one embodiment, once the user's computer has established electronic connection to, or is otherwise in communication with, the Guarantor's Computer System, the Guarantor's 20 computer requests the user's computer to locate and read the security information in the ATM card data storage. In one alternative embodiment in which an ATM swipe card reader is used, all information contained in the ATM card data storage is read when the user swipes the card through the device. As depicted in FIG. 3, the user's computer reads the security information from the user's ATM card data storage 14 and communicates the security information 15 to the 2-r Guarantor's Host Computer System.
In an alternative embodiment, an example of which is depicted in FIG. 5, instead of reading security information from the ATM card data storage, the user is asked to swipe the user's bank debit card, or ATM card 102 and to enter the user's PIN (Personal Identification Number) 103. The user ' s computer communicates the PIN entered by the user to the Guarantor' s -■0 Computer System. As depicted in FIG. 3, the Guarantor's Computer System validates 16 the security information from the user's ATM card data storage or which has been supplied by the user against security information accessible by the Guarantor's Computer System, such as with security information contained in the User Database 17. The Guarantor's Computer System is programmed to deny and reject any transactions that do not pass security 18. If the security ^c information, then the Guarantor's Computer System formats and generates a notification to be displayed by the user's computer system on user's computer display monitor to notify the user to proceed with the ATM transaction 19.
It should be understood that references herein to memory include resident RAM memory as well as data storage devices such as flash memory, CD ROM, and hard disk magnetic and optical storage units.
IV Positive Identification Security
The positive identification security aspect of the present invention uses a computer (it may be the Host computer, e.g., 300, or a computer separate from the Host computer — both of which are referred to herein as the "security computer system") to store digitized images, to select and
, 0 transmit one portion of the digitized fields to one receiving party, and to select and transmit the reverse-portion of the image to a second receiving party who is authorized to do business with the first receiving party.
In an exemplary embodiment of this aspect of the invention, when the first receiving party and the second receiving party want to do business with each other, both parties send their
, r respective portions of the digitized image to the security computer system. Upon receipt of both sets of image portions, the security computer system attempts to fit the two portions together and then compares the resulting image to the original image (the "fit test"). If the two image portions do not "fit" together, or if every field of the resulting image is not identical to the corresponding field in the original image, then the security computer system alerts one or the other or both
20 parties that they are not authorized to do business with each other. If on the other hand, the two image portions fit together and if the resulting image is exactly the same as the original image, then the security computer system notifies one or the other or both parties to proceed with their business transaction. In an exemplary embodiment, if the two portions pass the "fit test", then the security computer system sends display signals of the original digitized image to the party
2«- requesting security authorization.
To aid in the discussion of the positive identification security aspect of the present invention, it may be helpful to consider the following analogy. The analogy is offered an aid to understanding certain characteristics of different features of this aspect of the invention but is not in any way a limitation of the invention.
^ In the analogy, someone assembles a jigsaw puzzle according to the picture of the puzzle on top of the box in which the puzzle was sold. The puzzle-assembler then puts a light, tacky glue on the top of every puzzle piece that contains a certain color, red for instance. The puzzle- assembler then places a large piece of paper over the top of the puzzle, causing all of the jigsaw puzzle pieces with red to stick to the paper in the relative position which the pieces occupied in o the assembled puzzle. The puzzle-assembler then gives the assembled puzzle minus the pieces with red to a first friend number, and gives the paper with the red-containing pieces to a second friend number.
When the first friend number and the second friend number bring the puzzle-assembler their respective portions of the puzzle, the puzzle-assembler lays the piece of paper with the red- containing pieces over the top of the remaining pieces, and attempts to slide the red-containing pieces into their respective positions in the other portion of the puzzle. If the puzzle-assembler is not able to fit the red-containing pieces into their respective positions in the other portion of the puzzle, then the puzzle-assembler knows that one of the portions of the puzzle was not the portion that the puzzle-assembler gave the friend. If all of the pieces fit, the puzzle-assembler lifts off the paper and compares the assembled puzzle with the picture on the puzzle box. If the
10 puzzle does not match the picture on the box, then one of the portions presented by the friends was not the portion that puzzle-assembler gave the friend.
It should be understood that while the description and examples provided herein are provided in terms of two parties doing business with each other, that this aspect of the invention applies equally to multiple party transactions. Multi-party transactions involve using multiple ι r color designations, multiple blocking levels, multiple transmissions, and assembly of multiple image portions.
According to the positive identification security aspect of the present invention, a digitized representation of a physical object, such as a picture image of an at home ATM services user, is created. Other examples of physical objects include two-dimensional objects such as a page of 20 text, as well as three dimensional objects, such as a digitized, photographic image of a three dimensional object. One way in which a digitized representation is created is to photograph an object and then using a computer, the photographic image, preferably a color photographic image, of the physical object is digitized (the "digitized color image").
According to the positive identification security aspect of the invention, portions of the 2 digitized image can be selectively communicated to authorized requestors based on authorization criteria programmed in the computer.
According to one aspect of the positive identification security aspect of the invention, portions of a digitized image are selectively communicated according to a color designation. It should be understood that images of single color objects, such as signatures, can be digitized, ^o Communication of portions of a digitized single-color image can be based on a set of instructions as opposed to designated colors. Selective communications of single-color images are described further below.
In order to digitize an image, the two-dimensional graphical representation of the image is segmented into tiny pinpoints of information about the image. The tiny pinpoints of o r information are similar to pixels on television display monitors and will be referred to herein as pixels. Each pixel is described by such information as: the location of the pixel within the two- dimensional graphical representation of the image, the color of the pixel, and the intensity of the
1 color of the pixel. Digitization of a photograph, including color photographs, is well known in the art.
The computer is programmed to store the digitized color image on a memory device in r the form of a data structure. Each element of the data structure provides location information, color information, and intensity information about the pixel. Examples of the types of data structures include but are not limited to two-dimensional matrices, multi-dimensional matrices and single dimensional arrays. Elements within the data structures will be referred to herein as cells. In the case where two-dimensional matrices and single-dimensional arrays are used to
, 0 store the digitized color image, cells within the respective data structures can themselves be multi-dimensional or can contain pointers to multi-dimensional data structures.
A particular color or range of colors is designated by a user of the positive identification security aspect of the invention. In one embodiment, the color or range of colors designation is done for an entire system. In another embodiment, color/range of color designation is done on
, an individual image basis. In an embodiment in which color/range of color designation is done on an individual image basis, the designation is stored in memory and can be associated with the appropriate individual image. For instance, in a database of images and related information such as the User database 17 as depicted in FIG. 3, each database image would have associated with it the relevant identified color.
2o Each cell of the data structure is examined for the designated color or range of colors.
Each cell containing the designated color or one of the colors in the designated range of colors is identified.
Cells of the digitized color image can subsequently be selectively communicated. This type of selective communication is referred to herein as a "Field Blocker." A computer with
2<τ authorized access to the digitized color image can be programmed to respond to certain authorization criteria to format selected portions of the digitized color image according to the previously designated color/range of colors. For instance, if the image is requested by a person authorized to see the entire image, the entire image is communicated. On the other hand, if the image is requested by a person authorized to see only the portions of the image that do not
^0 contain the designated color/range of colors, then only the cells of the data structure that do not contain the designated color/range of colors will be communicated to the requestor. If, on the other hand, the image is requested by a person authorized to see only the cells of the data structure that contain the designated color/range of colors, then only those cells will be communicated to the requestor. or It is helpful to consider a simple example of a Field Blocker. FIG. 5a is graphical representation of a set of six differently colored pixels (the original image). Three of the pixels are colored red (501, 503, and 505). One of the pixels is colored blue 502, one yellow 504 and
one green 506. In the example, red is designated as the color to be blocked. As depicted in FIG. 5b, the result of blocking red fields is that the red-containing pixels (501, 503, and 505) are blocked; the red-free pixels (502, 504, and 506) are not blocked. The image that does not contain the blocked pixels, and that does contain the unblocked pixels is referred to herein as the "blocked image." FIG. 5b demonstrates that the blocked image has the same shape and characteristics as the original image as was shown in FIG. 5a except that the pixels containing the designated color, red, are not present. FIG. 5c shows only the pixels that were blocked from the blocked image. The image that contains only the blocked pixels is referred to herein as a
10 "reverse-blocked image." FIG. 5c demonstrates that the reverse-blocked image has the same shape and characteristics as the original image as was shown in FIG. 5a except that only the pixels containing the designated color, red, (501, 503, and 505) are present.
In one embodiment, the identification of cells with the designated color/range of colors is accomplished by specially marking each such cell at a time prior to selectively communicating ι the cells to any requestor.
Special marking of selected cells can be done in number of ways. One way to specially mark a cell is to designate one portion of the memory location for each cell to contain a special marking indicator. The computer is programmed to initialize the contents of all special marking indicators to a null or zero value. When a cell is identified for special marking, the special
20 marking indicator is set to an non-null, or a non-zero value.
FIG. 6a is a graphical representation of six pixels as were earlier shown in FIG. 5a except that for descriptive purposes, position labels identifying the row (510 and 511), and the column (507, 508, and 509) are shown. FIG. 6b is a graphical representation of an exemplary array containing information about the pixels shown in FIG. 6a. It should be understood that the terms 2^ in the left column of FIG. 6a are for descriptive purposes and are not typically contained in an array. Rather, the security system computer is programmed in such a way that the dimensions of the array are defined, and that for any pixel in the original image as shown in FIG. 6a, the information about that pixel can be located at a displacement (e.g., 520, 526 and 532) into the array, for a particular length, the length being determined in accordance with the amount of oo storage necessary to store the information for each pixel.
In FIG. 6b, each pixel is described by location information, e.g., (510, 507) for the first pixel, (510, 508) for the second pixel, and (511, 509) for the sixth pixel, color (e.g., 523, 529, and 535), intensity (e.g., 524, 530, and 536), and a marking indicator (e.g., 525, 531, and 537). It should be understood that the security computer system can be programmed to implicitly
35
understand the positional information concerning each pixel using size parameters of the image and length/displacement characteristics of each cell in the matrix or anay . Accordingly, it should be understood by one with ordinary skill in the art that positional information need not necessarily be explicitly contained in each pixel-describing cell.
Another way to specially mark cells is to create a complete copy of the entire data structure, and for every cell in the original data structure that is not to be specially marked, set the value of the corresponding cell in the copied data structure to 1, or to some non-null value; for every cell in the original data structure that is to be specially marked, set the value of the
10 corresponding cell in the copied data structure to "0" or a null value.
Another way to specially mark cells is to create two additional complete copies of the entire data structure. In the first copy, for every cell that is not to be specially marked, the contents of the cell are left as is; for every cell that is to be specially marked, set the value of the cell to "0" or a null value. In the second copy, for every cell that is not to be specially marked,
, r the contents of the cell are set to "0" or a null value; for every cell that is to be specially marked, the contents of the cell are left as is.
In one embodiment, the user can designate color by inference. For instance, the user can designate that the color to be specially marked be the most predominant color in the data structure. According to the "most predominant color" designation, the digitized color image is
20 first analyzed to identify the most-often occurring color. Once the most-often occurring color has been identified, the cells of the data structure with that color can be identified.
In an alternative embodiment, identification of cells to be selectively communicated is achieved by calculating, according to a set of instructions, the pixels to be blocked. Various sets of instructions can be used to identify portions of an image to be selectively communicated.
2r Using a digitized signature as an example, the objective of such a set of instructions is to communicate only a portion of the digitized signature to certain requestors, and to communicate the remaining portion of the digitized signature to certain other requestors. An example of the results of an exemplary Field Blocker for a single-color image is depicted in FIGS. 7a, 7b, and 7c. FIG. 7a is a graphical representation of the complete digitized image of an exemplary
-, Λ signature. FIG.7b is a graphical representation of the portion of the digitized image to be communicated to one requestor, who is authorized to see only a portion of the image depicted in FIG. 7a, according to an exemplary Field Blocker. FIG. 7c is a graphical representation of the portion of the digitized image depicted in FIG. 7a to be communicated to a second requestor, who is authorized to see only the reverse-selection portion of the image that could be seen by the or first requestor, according to the exemplary Field Blocker. Adding (or "merging") the portions of the exemplary signature depicted in FIG. 7b to the portions of the exemplary signature depicted in FIG. 7c results in the complete exemplary signature as depicted in FIG. 7a.
1
According to another feature of the positive identification security aspect of the invention, selective communication of digitized color images uses a set of instructions that instead of selecting certain cells for communications, extracts a designated color from the compound color r that describes each cell (the "Field Filter"). Primary colors, red, blue and yellow, can be "mixed" to create every color in the color spectrum. Digitized color images typically contain color descriptions for a compound color, that is, one that is some combination of red, blue and/or yellow. Using the Field Filter, the designated primary color, for instance red, is extracted from the color mix for each pixel which uses that primary color to create the compound color for a
JO particular. The first requestor number would get the image without any of the extracted color, that is no red would be used to mix any of the colors in the communicated extracted image. The second requestor number would get the image with only the extracted color, that is, only the contributing red used to create the picture would be communicated.
The positive identification security aspect of the present invention is used in a number of ι r ways. One way is to provide certain security in the pre-printing of special PortraitCheque check stock as disclosed in International Application Serial No. PCT/US99/14253, the disclosure of which has been previously incorporated by reference herein for all purposes. As disclosed in the referenced International application, one feature of PortraitCheque check stock is that it bears a photographic image of the bearer on the face of the check. As is also disclosed in the referenced
2o International application, another feature of PortraitCheque check stock is that it bears a digitized image of the bearer's signature on the face of the check.
As described above, the user registers for at home ATM and PortraitCheque services by providing certain information, including among other things, signature and photograph exemplars.
2 FIG. 2 is an exemplary database organization of information that is collected and stored in memory 301 (as depicted in FIG. 1) as part of a User Database 17 (as depicted in FIG. 3) by a PortraitCheque Guarantor using the Host Computer 300 (as depicted in FIG. 1). As previously described, for each account holder 231 the database will contain, among other things: the account holder's Digitized Signature 234, and the account holder's Digitized Photograph 235 In an oo exemplary embodiment, for digitized images such as 234 and 235, the user database 17 contains the actual matrix or array of pixel information described above, or in an alternative embodiment, contains a pointer to such a matrix or array.
As disclosed in the referenced provisional applications, the user can request a certain number of PortraitCheque check stock. o r Once the user has supplied all of the information necessary to register for the
PortraitCheque service, the user is supplied with PortraitCheque check stock, and can use a computer accessible by the user to order PortraitCheque checks (the "User Print" embodiment).
In the referenced International application, it was disclosed that, in one embodiment, the user's photograph is pre -printed on the PortraitCheque check stock. In another User Print embodiment, the user's digitized photograph is downloaded from or otherwise communicated from the Guarantor's database to the user's computer each time the user orders one or more checks and is printed in color ink on each check ordered.
In the referenced International application, it was disclosed that, in one User Print embodiment, the user's signature is pre-printed on the PortraitCheque check stock. In another
User Print embodiment, the user's digitized signature is downloaded from or otherwise
, o communicated from the Guarantor's database to the user's computer each time the user orders one or more checks and is printed on each check ordered.
Using the positive identification security feature of the present invention, the pre-printed check stock contains selected portions of the user's photographic image and the user's digitized signature. For instance, using the Field Blocker or Field Filter, when the user requests ι r PortraitCheque check stock, portions of the user's color photograph and portions of the user's digitized signature are communicated to the supplier of the check stock and are then be preprinted on PortraitCheque check stock. Using the computer accessible by the user, using the received PortraitCheque check stock, the user can then order PortraitCheque checks and print the reverse-blocked of the photograph and signature on PortraitCheque check stock using the user- 2o accessible printer. This approach of selective pre-printing secures the pre-printed check stock from fraudulent use and simplifies the printing at the user-accessible printing.
Another way in which the present invention is useful is a security alternative to PIN numbers such as for the user's ATM card. In an exemplary embodiment, the user supplies the user's photograph and signature to a security service. A security service digitizes the photograph
2 and signature of the user and stores the digitized photograph and the digitized signature in a database of security subscribers. The security service then uses one of either a Field Blocker or a Field Filter for the user's digitized photograph to create a user-portion and a reverse-blocked image of the user's digitized photograph. Similarly, the security service uses a Field Blocker to create a user-portion and a reverse-blocked image of the user's digitized signature. The security oo service provides the user with a universal ATM smart card, and/or in the alternative, updates one of the user's existing ATM smart cards, and/or provides the user with a diskette or CD ROM, with the user-portion of the user's digitized photograph and the user-portion of the user's digitized signature. The user then requests that the security service provide one or more service organizations (participating services), such as banks, credit companies, and the like (such as at o home ATM service Guarantors), with the reverse-blocked image of both the user's digitized photograph and the user's digitized signature.
1
When the user wants services from any one of the participating at home ATM services. the participating service requests that the user provide the user-portion of the user's digitized photograph and digitized signature. The participating service then combines the user-portion of c the user's digitized photograph and digitized signature with the reverse-blocked image of both the user's digitized photograph and the user's digitized signature.
In one embodiment, the security service is the only source of the correct combined digitized photograph and digitized signature. In that case, the participating service sends the combined images of the user-portion of the user's digitized photograph and digitized signature to the security service for comparison for verification. Communication between the security service and the participating services (e.g., the Host computer 300 as depicted in FIG. 1) can be performed over the Internet or over dedicated lines of communication.
In another embodiment, the security service provides each participating service with the correct combined digitized photograph and digitized signature. The participating service then ι compares the combined images of the user-portion of the user's digitized photograph and digitized signature with the correct combined digitized photograph and digitized signature.
In one embodiment, the blocked image matrix/array and the reverse-blocked image matrix/array are compressed before either is transmitted to another party. Compression in this embodiment means that the cells in the blocked image matrix/array for the color that has been 2 blocked are removed from the transmitted matrix; the cells in the reverse-blocked image matrix/array for colors other than the designated color are removed. Removal in this embodiment means that the cells are completely deleted resulting in a smaller sized matrix/array. Removal is different than a place-saving null cell that is used in other embodiments. In this embodiment, the cells in the transmitted matrix/array contain explicit positional pixel 2 information.
FIG. 8a is a graphical representation of an exemplary arrangement of 6 colored pixels (501 , 502, 503, 504, 505, and 506). FIG. 8b is a graphical representation of an array containing the pixel descriptions for the 6 pixels shown in FIG. 8a. Positional information in this array is implicit. Each cell of the array contains the color (523, 529, 538, 541 , 544, 535), the intensity 30 (524, 530, 539, 542, 545, 536) and the marking indicator (525, 531, 540, 543, 546, and 537).
The first cell of the array contains the information (523, 524, 525) describing the pixel in the first row 510 and the first column 507 of the exemplary image. The second cell of the array contains the information (529, 530, and 531) that describes the pixel in the first row 510 and the second column 508. The other pixels are described in the remaining cells of the array, or FIG. 8c is a graphical representation of a compressed blocked image array. In order to allow compression, the positional indicators that were implicit in the full image array as depicted in FIG. 8b have been explicitly described for each pixel in the compressed array shown in FIG.
1
8c. Similarly, FIG. 8d is a graphical representation of a compressed reverse-blocked image array.
In order to allow compression, the positional indicators that were implicit in the full image array as depicted in FIG. 8b have been explicitly described for each pixel in the compressed array r shown in FIG. 8d. FIG. 8e is a graphical representation of an alternative embodiment of the compressed array for a reverse-blocked image. As shown in FIG. 8e, the color, intensity and marking indicator are constant for every blocked pixel and therefore need only be described a single time; the positional information for each blocked pixel is kept in a cell describing the pixel. The explicit positional information in the compressed arrays is used by the security 1 o computer system to reassemble the complete image once both the blocked image and the reverse- blocked image have been received.
Header information (not shown) for the matrix/array is provided that indicates whether the matrix/array is a blocked image or a reverse-blocked image, contains identification information for matching purposes, and, among other things, contains compression and ι r expansion instructions. Header information can be included as part of the matrix/array, or can be a separate data structure or record that contains information from which the security computer system can associate the header with the corresponding matrix/array.
Another aspect of the positive identification security aspect of the present invention groups pixels according to a physical demarcation of an image. An embodiment of this aspect 20 of the invention acts as a jigsaw to a picture. The security computer system is programmed to execute a set of pre-defined instructions to produce jigsaw-puzzle like pieces of a digitized image. In one embodiment of the jigsaw-puzzle feature, each puzzle piece of the image is represented by a matrix. FIG. 9a is graphical representation of a simple exemplary image. FIG. 9b is a graphical representation of an exemplary jigsaw-puzzle embodiment of pixel groupings. 2 Information about the pixels in each of the puzzle pieces (601, 602, 603, 604, 605, and 606) is contained in a matrix corresponding to that puzzle piece. In one embodiment, blocking is accomplished by blocking pieces of the puzzle, as opposed to blocking pixels with a designated color. Designation of which pieces to block can be done on the basis of a random number generator, or alternatively, according to a set of predefined instructions. The total image is oo represented in computer memory with a matrix of addresses of the matrices that contain the information for each piece. The total image matrix contains positional information that describes the position of each piece in relation to the total image. The security computer system uses the positional information in the total image matrix to reassemble the puzzle pieces.
The jigsaw puzzle feature of the positive identification security aspect of the invention can or be used to carve up a digitized graphic representation of a page of text, separately transmit the jigsaw pieces of the page, and reassemble the pieces at the receiving end.
1
It should be understood that the size and shape of the "pieces" into which a particular graphic is cut can be of variable size and shape as between different graphics. Furthermore, it should be understood that the size and shape of the "pieces" into which a particular graphic is cut r can be of variable size and shape as to a single graphic. The size and shape of the pieces is determined by the particular set of instructions which the computer is programmed to execute for the particular image.
V. Recording Positive Identification Security Information and Validating User Access
, 0 In an exemplary embodiment of the present invention, the security information on the user's ATM card data storage is a blocked image portion of a digitized image of the user's photograph. The user registers for the ATM card by providing, among other things, a personal identification photograph. The Guarantor digitizes the user's photograph and stores the user's digitized photograph in the user database 17 in the memory 301 accessible by the Guarantor's
, r Host computer 300 containing the user's information, as disclosed above. The Host computer or an alternative security computer system records a blocked image of the user's digitized photograph on the user's ATM card.
In an exemplary embodiment of the present invention, the user accesses the requested at home ATM service. The Host computer 300 generates display signals to display instructions to
2 the user to swipe the user's at home ATM card, an exemplary embodiment of which is depicted in FIG. 10.
When the user swipes the user's ATM card in the ATM card swipe device 3 as depicted in FIG. 1, the Guarantor's Host Computer System 300 attempts to fit the user-supplied blocked image portion that it obtains from the user's ATM card with the reverse-blocked image portion
2r of the digitized image of the user's photograph and then compare the result to the original digitized image. If the result of the operation to combine the two images is different than the original image, then the Guarantor's computer will deny the user access to further ATM processing. If, on the other hand, the Guarantor's Computer System validates the user-supplied security information, the user is granted access to further ATM processing.
30
VI At Home ATM Services
As depicted in an exemplary embodiment of an ATM@Home screen represented in FIG.
11, once the user is granted access to ATM processing, the user is prompted to identify the account from which the user wants to withdraw money. In a touch sensitive embodiment, the o r user can identify the user's Checking Account by pressing the touch sensitive on screen
Checking Account button 104; the user can identify the user's Savings Account by pressing the touch sensitive on screen Savings Account button 105.
1
The At Home ATM does not provide the user with denominations of traditional United
States currency. However, the At Home ATM can provide the user, at the user's request, with denominations of, or with user-specified amounts of, PortraitCheque checks, which are described r in International application serial number PCT/US99/14253, the disclosure of which has been previously incorporated for all purposes herein.
FIG. 12 is a graphical representation of an exemplary embodiment of an on screen display of an At Home ATM screen that allows the user to select the amount of money to be withdrawn from the user's account. The identification of the user's account from which money is to be
10 withdrawn, such as the user's Savings Account, or the user's Checking Account, is displayed on the screen 106. In the depicted embodiment, the user can select one of several options to withdraw money: $20 (107); $40 (108); $60 (111); $80 (108); $100 (110); or Other Amount 112.
In a touch-sensitive embodiment, the user touches the on screen button beside the option that the user wants to select to input the user's selection. ι r In one embodiment, if the user designates the Other Amount option 112, then the user is asked to input the specific amount to be withdrawn. FIG. 13 is a graphical representation of an exemplary embodiment of an on screen display of an At Home ATM screen that allows the user to input a specific amount. A field is provided in the on screen display. In one embodiment, the user uses the keyboard connected to, or otherwise in communication with, the user's computer
20 to key in the specified amount 1 15. In one embodiment, the on screen display contains a message that tells the user that the amount to be specified must be a multiple of $20; the input field is edited to ensure that the amount input is a multiple of $20; the user is notified if an amount that is not a multiple of $20 in input.
As depicted in FIG. 13, the user can cancel the transaction by pressing the on screen r Cancel button 116. In one embodiment, every At Home ATM on screen display provides the on screen Cancel button 116.
FIG. 14 is a high level flow diagram depicting an exemplary embodiment of the user
PortraitCheque order process in an exemplary embodiment of the invention. As depicted in FIG.
14, the user chooses the ATM option to request an amount of PortraitCheques to be written 20. o o The user specifies an amount of money to be ordered 21. In one embodiment, a daily dollar limit is pre-set, and PortraitCheques can only be written in pre-established denominations, for instance, twenty dollar ($20) denominations.
Continuing with FIG. 14, the Guarantor's Host Computer System 300 checks the user's account balance of one or more bank accounts to verify if the user has sufficient funds 22. If the o r user does not have sufficient funds, the Guarantor' s Computer System is programmed to generate a transaction to the user's computer, or to otherwise notify the user, that the user has insufficient funds 23. If the user has sufficient funds to cover the amount ordered, the Guarantor's Computer
System is programmed to proceed with the transaction 24. For a transaction for which sufficient funds exist, the Guarantor's Computer System generates 25 and communicates 26 a transaction, or set of transactions, to the user's computer instructing the user's computer to print an appropriate number of PortraitCheques in the appropriate denominations equal to the ordered amount. The user's computer is programmed to receive the transactions, or set of transactions, transmitted by the Guarantor's Computer System, and is further programmed to format and print an appropriate number of PortraitCheques in the appropriate denominations equal to the ordered amount. 27.
10 The Guarantor's Host Computer System 300debits the user's bank account/accounts for the amount of money ordered 29 and credits the Guarantor's account with the amount of money ordered 30. Alternatively, if the user's account from which the money ordered must be debited is not an account controlled by the Guarantor, then the Guarantor's Computer System generates a transaction to debit the amount from the appropriate account with the appropriate bank and ι r communicates the transaction to the appropriate bank. The Guarantor's account will show an accounts receivable for the amount of money ordered. When a transaction is received from the appropriate bank which has the account from which the money is ordered, then the amount of money is used to satisfy the accounts receivable and is credited to the Guarantor's account.
FIG. 15 is a graphical representation of an exemplary embodiment of an on screen display
20 °f an At Home ATM screen that summarizes the user withdrawal request. As depicted in FIG.
15, the Guarantor's Host Computer System 300 is programmed to format a screen, and to cause the user's computer to display that screen on the display monitor of the user's computer, that informs the user that the user has requested a total withdrawal amount 120 and that specifies the account (Savings or Checking) from which the user has requested that the money be withdrawn
2<r 106. As depicted in Fig. 15, the Guarantor's Host Computer System 300 is programmed to format a screen display that instructs the user to prepare the printer and load the printer with the appropriate number of checks 121. As is further depicted in FIG. 15, the Guarantor's Host
Computer System 300 is programmed to instruct the user to input the check number of the first check to be printed. The screen provides a user input field 122 for the first check number. In one o n embodiment, the user uses the user's keyboard to input the check number. As is also depicted in FIG. 15, the computer is programmed to format an "OK" button 123. In a touch-sensitive user screen embodiment, the user instructs the Guarantor' s Computer System to proceed with printing the PortraitCheques by touching the on screen OK button 123. Alternatively, the user can cancel the transaction by pressing the on screen display of the Cancel button 1 16. o FIG. 16a is a graphical representation of an exemplary embodiment of an on screen display that informs the user as to the status of the user's withdrawal request in an exemplary embodiment of the invention. The Guarantor' s Computer System is programmed to format such
a status screen and to cause the user's computer to display the screen on the user's display monitor. The screen is formatted to display the current status of the user's request 130 such as "Printing Checks," "Unable to Complete Transaction," "Insufficient Funds," "Insufficient Number of Checks," etc. FIG.16b is a graphical representation of an exemplary set
PortraitCheque checks.
FIG. 17 is a graphical representation of an exemplary embodiment of an on screen display that instructs the user to examine the checks printed as a result of the user's withdrawal request in an exemplary embodiment of the invention. The Guarantor's Computer System is
10 programmed to format such a status screen and to cause the user's computer to display the screen on the user's display monitor. As depicted in FIG. 17, the screen is formatted to display the beginning 140 and ending 141 check numbers printed. The user is asked to confirm whether the checks printed correctly by pressing the "YES" button 142 or the "NO" button 143. The Guarantor's Host Computer System 300 is programmed to interpret the user's touch of the user's ι r touch of the "YES" button 142 as a yes answer to the question, and the user's touch of the "NO" button 143 as a no answer to the question. In one embodiment, if the Guarantor's Host Computer System 300 receives a "no" answer, the Guarantor's Host Computer System 300 instructs the user to contact a particular number for assistance. In the depicted embodiment, the user is also asked to choose whether to proceed with a new transaction (by pressing the "YES" button 144)
20 or to not proceed with a new transaction (by pressing the "NO" button 145).
It should be understood by a person with ordinary skill in the art that many of the functions for which the Guarantor's Computer System is described above as being programmed to be performed can be programmed to be performed by the user's computer. The scope of the invention is not to be restricted to the embodiments described herein. Various and numerous other arrangements may be devised by one with ordinary skill in the art without departing from the spirit and scope of this invention.
VII. Merchant-Side ATM processing of PortraitCheques
FIG. 18 is a high level flow diagram depicting an exemplary embodiment of the positive o o identification security procedure when a user presents one or more PortraitCheques to a merchant in an exemplary embodiment of the invention. When the user presents the one or more PortraitCheques to a merchant, the merchant requests that the user swipe the user's ATM card through the merchant's ATM card reader/writer 40 which is electronically connected to, or is connectable to, or capable of communicating with, a computer with a display monitor in the or merchant's store (the "merchant's computer"). The merchant's computer is programmed to use the merchant's card reader to read information from the user's ATM card such as contact information for the Guarantor 41, user identification information 44, and any security
information 45. The merchant's computer recognizes input from the card reader device connected to the merchant's computer as a request for processing a negotiable cash-like financial instrument The merchant's computer uses the contact information and establishes communications with the Guarantor's Computer System 42 if such a communication has not been previously established. In one embodiment, the merchant scans the PortraitCheque to read the amount of the check 43. In an alternative embodiment, the merchant keys in the amount of the check.
In one embodiment, the Guarantor's Host Computer System 300 is programmed to track 0 a daily limit for the amount of PortraitCheques that can be used by each user. In such an embodiment, the Guarantor's Computer System is programmed to accumulate the amount of checks presented by each user and to compare the amount of checks presented for the day with the daily limit 46. The Guarantor's Computer System is further programmed to notify the merchant if the user presents a PortraitCheque for an amount of money that would cause the daily 5 limit to be exceeded 47.
It should be understood that the invention is not limited to the order of the steps described herein. The order described herein is illustrative; the scope of the invention is not to be restricted to the order of the steps described herein. Various and numerous other arrangements may be devised by one skilled in the art without departing from the spirit and scope of this invention. 0 In an embodiment in which the merchant swipes the user's ATM card, the merchant's computer is programmed to generate a transaction to the Guarantor's Computer System containing security information obtained by the Merchant's Computer through the ATM card reader from the user's ATM card so that the Guarantor's Computer System can validate the spending transaction by the user. The validation transaction contains security information read from the ATM card data storage 48. The Guarantor's Computer System is programmed to receive the transaction generated by the merchant's computer, and to validate the security information in the transaction 49 with security information in the User Database (17 in FIG. 3) for the particular user. The Guarantor's Computer System is programmed to reject transactions (PortraitCheques) that are not validated 50. The Guarantor's Computer System is programmed o o to notify the merchant that the transaction is authorized if the security information from the user' s
ATM card is valid 51.
FIG. 19 is a high level flow diagram depicting an exemplary embodiment of an exemplary positive identification security validation in an exemplary embodiment of the invention. In the exemplary embodiment depicted in FIG. 19, the merchant's computer reads a reverse-blocked o image of the user's photograph and user identification information from the user's ATM card data storage 400. By the term "read", it is meant that the merchant's computer parses input from the card reader device connected to the merchant's computer according to a set of rules and then
translates from the parsed input a set of contact information, a set of user identification information, a value representing the amount of money available, and a set of security information. In one embodiment, the set of security information comprises a set of digital signals that represent a reverse-blocked image of a digitized photograph of the user.
The merchant's computer is programmed to generate a transaction to the Guarantor's Computer System (also sometimes referred to herein as the "Host Computer") containing the user identification information and the reverse-blocked image 401.
The Guarantor's Computer System is programmed to receive the security transaction 402
10 from the merchant's computer. The Guarantor's Computer System parses the security transaction according to a set of security parsing rules and translates from the parsed input a set of user account identification information and a set of digital signals representing a reverse- blocked image of a digitized image
Using the account identification information, the Guarantor's Computer System retrieves
, r 403 a blocked image and an original image from the User Database 17 that corresponds to the user account identification information.. The Guarantor's Computer System then combines into a resulting image the reverse-blocked image with the corresponding blocked image 404. The Guarantor's Computer System then compares the resulting combined image with the original image stored in the User Database 405.
20 If the combined image does not match the original image, then the Guarantor's Computer
System notifies the merchant to not proceed (which the merchant's computer displays) with the transaction 406, 407. If the combined image matches the original image, then the Guarantor's Computer System formats, generates and communicates to the merchant's computer a transaction containing the original digitized graphic image of the user's photograph 408.
2*- The merchant's computer is programmed to display the user's photograph received from the Host Computer on the display monitor configured with the merchant's computer 409. The merchant can then visually determine whether the user is the person authorized to use the card and whether the face of the person presenting the PortraitCheques is the person authorized to do so 410. If the merchant positively identifies the user, the merchant authorizes the transaction and oo accepts the PortraitCheques 413. Otherwise, if the displayed photograph does not match the person presenting the ATM card, then the merchant denies the transaction 411, 412.
VIII. Exemplary Smart Card Embodiment
In one embodiment, the user's ATM card is a Smart Card. A Smart Card is typically a o r credit-card-sized card on which information can be recorded electronically and/or magnetically, and from which information can be read electronically and/or magnetically. Some Smart Cards provide random access memory (RAM) and/or read-only memory (ROM). Some Smart Cards
1 are equipped with a battery and can send and receive RFID (Radio Frequency Identification) signals.
In a Smart Card embodiment of the present invention, a bank or financial institution (a c "Guarantor") issues the user a Smart Card in the form of an ATM smart card. The user's Smart
Card ATM card typically contains information about the user and the user's bank account(s) in the storage device of the Smart Card, such as ROM. In one embodiment, the Smart Card ATM card ROM contains additional types of information, for instance, the user's name, address, and bank account numbers. Certain security information is also contained in the Smart Card ATM ι o card ROM. In an exemplary Smart Card embodiment, a portion of a digitized image, such as the reverse-blocked image as previously disclosed above, of a digitized image of the user's photograph is contained in the Smart Card ATM card ROM, or alternatively, in the card's RAM or other memory.
As depicted in FIG.20, in an exemplary Smart Card embodiment of the invention, the user ι r 302 inserts the user's Smart Card ATM card into a Smart Card ATM card reader device 308 that is accessible by the user's computer 303. The user's computer 303 is programmed to recognize the insertion of the user's Smart Card ATM card and treats the insertion of the card as a request for At Home ATM services. In a Smart Card embodiment of the invention, the user's computer is programmed to read contact information from the user's Smart Card ATM card for the
20 Guarantor of the particular Smart Card ATM card. In the exemplary smart card embodiment, the user's computer is programmed to respond to the user's insertion of the user's Smart Card ATM card by establishing an electronic connection to, or a path of communication with, the Guarantor's Host Computer System 300. Once connected to, or otherwise in communication with, the user's computer 303, the Guarantor's Host Computer System 300 and/or the user's
2r computer 303 is programmed to simulate the user interface of the Guarantor's ATM machine services as was previously described above.
In a Smart Card ATM card embodiment, the Guarantor's Host Computer System 300 is programmed to update the user's Smart Card with a balance of money available for withdrawal when the user requests that money be withdrawn. The user's computer is connected to or is on otherwise in communication with a device 308 that updates the user's Smart Card data storage with the user's balance when a withdrawal from the user's account is requested.
In a Smart Card ATM card embodiment of the invention, when the user presents the Smart
Card ATM card to a merchant to spend some or all of the money on the Smart Card ATM card, the merchant inserts the user's Smart Card ATM card into a Smart Card ATM card reader/writer o r which is electronically connected to, or is connectable to, or capable of communicating with, a computer with a display monitor in the merchant's store (the merchant's computer).
As depicted in FIGS. 21a through 21b, in a Smart Card ATM card embodiment of the invention, the merchant's computer is programmed to use the merchant's card reader to read information such as contact information for the Guarantor, user identification information, the money balance and any security information, from the user's Smart Card ATM card 416. The merchant's computer uses the contact information to establish communications with the Guarantor's Computer System if such a communication has not been previously established 417. As depicted in FIGS. 21a through 21b, the merchant's computer compares the amount of the proposed transaction to the amount of money indicated in the total balance amount in the
10 RAM memory of the user's Smart Card ATM card 418. If the amount of the proposed transaction exceeds the amount of the user's balance 419, the merchant's computer is programmed to deny the transaction and reject the card and to specify the reason for denial as a shortage of funds 420, 421. In one embodiment, if the user has sufficient funds, the merchant's computer is programmed to, at that point, establish an electronic connection to, or to
, r communicate with, the Guarantor's Computer System, such as a connection with the Guarantor's website on the Internet.
In a Smart Card embodiment of the invention, the merchant's computer is programmed to generate a transaction to the Guarantor's Computer System containing security information from the user's Smart Card ATM card so that the Guarantor's Computer System can validate the
20 spending transaction by the user 401. The validation transaction contains security information read from the RAM memory of Smart Card ATM card. The Guarantor's Computer System is programmed to receive the transaction generated by the merchant' s computer 402, and to validate the security information in the transaction with security information in the User Database for the particular user. The Guarantor's Computer System is programmed to reject transactions that are r not validated. The Guarantor's Computer System is programmed to notify the merchant that the transaction is authorized if the security information from the user's Smart Card ATM card is valid.
In one Smart Card embodiment of the invention, the merchant' s computer reads a reverse- blocked image of the user's photograph from the memory, e.g., RAM memory, of the user's oo Smart Card ATM card and user identification information from the ROM memory of the user's
Smart Card ATM card.
The merchant's computer is programmed to generate a transaction to the Guarantor's Computer System containing the user identification information and the reverse-blocked image 401.
35
1
The Guarantor's Computer System is programmed to receive the security transaction 402 from the merchant's computer. The Guarantor's Computer System parses the security transaction according to a set of security parsing rules and translates from the parsed input a set r of user account identification information and a set of digital signals representing a reverse- blocked image of a digitized image
Using the account identification information, the Guarantor's Computer System retrieves 403 a blocked image and an original image from the User Databasel7 that corresponds to the user account identification information.. The Guarantor's Computer System then combines into , o a resulting image the reverse-blocked image with the corresponding blocked image 404. The
Guarantor's Computer System then compares the resulting combined image with the original image stored in the User Database 405.
If the combined image does not match the original image, then the Guarantor's Computer
System notifies the merchant to not proceed (which the merchant's computer displays) with the
, r transaction 406, 407. If the combined image matches the original image, then the Guarantor's
Computer System formats, generates and communicates to the merchant's computer a transaction containing the original digitized graphic image of the user's photograph 408.
The merchant's computer is programmed to display the user's photograph on the display monitor 409. The merchant can then visually identify whether the person bearing the card is the 20 person authorized to use the card 410. If not, the merchant denies the transaction 411, 412; if so, the merchant can authorize the transaction 413.
In a Smart Card embodiment of the invention, if the merchant authorizes the transaction 413, the merchant indicates the authorization to the merchant's computer, by, for instance, pressing an Enter button on the keyboard of the merchant's computer. It should be understood 2 that there are numerous ways for an individual to interact with a computer, and that the example of pressing a particular button on a keyboard is illustrative and is not a limitation of the invention.
In a Smart Card embodiment of the invention, once the merchant authorizes the transaction, the merchant's computer is programmed to receive the authorization 414, and to on update the amount stored in the data storage, such as RAM memory, of the user's Smart Card
ATM card by debiting the balance by for the amount of the transaction 415. In one embodiment, the user's balance is debited by an amount of the transaction plus a fee for using the Smart Card ATM card service.
35
ILLUSTRATIVE EMBODIMENTS
Although this invention has been described in certain specific embodiments, many additional modifications and variations would be apparent to those skilled in the art. It is, therefore, to be understood that this invention may be practiced otherwise than as specifically described. Thus, the embodiments of the invention described herein should be considered in all respects as illustrative and not restrictive, the scope of the invention to be determined by the appended claims and their equivalents rather than the foregoing description.