The present invention relates to an apparatus and method for the electronic generation of variable, non-predictable codes and the validation and comparison of such codes for the purpose of positively identifying an authorized individual or user of an apparatus or system and thereafter giving clearance to carry out a privileged transaction or access to a protected system or facility.
There often arises a need to prevent all but selected authorized persons from being able to carry out some defined transaction (such as granting of credit) or to gain access to electronic equipment or other system, facility or data (hereinafter "clearance or access"). Prior methods for preventing unauthorized clearance or access typically involve devices which limit access to the subject data, facility, or transaction to those who possess a unique physical device, such as a key or who know a fixed or predictable (hereinafter "fixed") secret code. The problem inherent in relying on a fixed code or unique physical device as the means to gain such selective clearance or access is that would-be unauthorized users need only obtain possession of the fixed code or unique device to gain such clearance or access. Typical instances of fixed codes include card numbers, user numbers or passwords issued to customers of computer data retrieval services.
The principal object of the invention is to synchronize the generation of time-dependent non-predictable codes which are independently generated on the basis of date and time information which are generated on separate devices which over time may deviate out of time synchrony with each other. A further object of the invention is to provide a practical approach to generating identification codes which are unique to the user and which change periodically without user intervention but which provide a readily verifiable means of identification for providing clearance or access at any time.